Definition

piggybacking

By

What is piggybacking?

Piggybacking, in the context of Wi-Fi, is the use of a wireless connection to gain access to the internet without proper authority. Piggybacking is also sometimes referred to as Wi-Fi squatting and tailgating.

What is the purpose of piggybacking?

The purpose of piggybacking is simply to gain free network access.

Often this isn't done with malicious intent, but it is still considered theft because the user is taking advantage of a service that they have not paid for or don't have the legal right to use.

A network that is vulnerable to piggybacking for network access is equally vulnerable when the purpose is a data breach, dissemination of viruses or some other illicit activity.

Best practices for avoiding data breaches — Piggybacking can lead to data breaches, plus loss of money and property.

How does piggybacking work?

Piggybacking worked in the past because all one would have to do was take advantage of the fact that most Wi-Fi networks were not encrypted. This means that anyone within range of the signal could access the network without having to enter a password.

To access an unsecured wireless network, all you had to do was to get into the range of a Wi-Fi hotspot's signal and select your chosen network from the options presented.

Today most Wi-Fi networks are encrypted with passwords, which makes piggybacking much more difficult. It is still possible for someone to access a network if they have the password or if they can crack the encryption.

What are the consequences of piggybacking?

Chart of wireless vs. WLAN vs. Wi-FI — Piggybacking can lead to slower internet speeds for everyone on a Wi-Fi network and comprise security.

As stated previously, piggybacking is illegal. People have been fined for accessing hotspots from outside businesses, such as coffee shops, that provide free Wi-Fi for customers' use.

In some cases, people have been arrested for accessing Wi-Fi networks without permission.

Piggybacking can also lead to slower internet speeds for everyone on the network, as well as decreased security.

How can you prevent piggybacking?

The best way to prevent piggybacking is to make sure that the Wi-Fi network and router are properly secured with a strong password.

Also, keep an eye out for people loitering outside of businesses or other places where Wi-Fi is accessible. If users see someone hanging around who doesn't seem to belong, let a manager know.

People should also use a strong password for their Wi-Fi network and make sure that it is not easily guessed. A strong password should be at least eight characters long and include a mix of letters, numbers and special characters.

You can also consider using a virtual private network (VPN) to encrypt your internet traffic and keep your data safe from prying eyes when using public Wi-Fi hotspots that are open to the public.

See also: watering hole attack, dumpster diving, shoulder surfing, social engineering, ransomware

This was last updated in November 2022

Continue Reading About piggybacking

Differences among WEP, WPA, WPA2 and WPA3 wireless security protocols

Enterprises mull 5G vs. Wi-Fi security with private networks

Wi-Fi 6 explained: Speed, range, latency, frequency and security

4 ways to build a thoughtful security culture

The future of VPNs in the enterprise

Networking

ternary content-addressable memory (TCAM)
Ternary content-addressable memory (TCAM) is a specialized type of high-speed memory that searches its entire contents in a ...
5G standalone (5G SA)
5G standalone (5G SA) is a cellular infrastructure built specifically for 5G services by implementing 5G standards and protocols ...
Cisco IOS (Cisco Internetwork Operating System)
Cisco IOS (Internetwork Operating System) is a collection of proprietary operating systems (OSes) that runs on Cisco hardware ...

Security

timing attack
A timing attack is a type of side-channel attack that exploits the amount of time a computer process runs to gain knowledge about...
privileged identity management (PIM)
Privileged identity management (PIM) is the monitoring and protection of superuser accounts that hold expanded access to an ...
possession factor
The possession factor, in a security context, is a category of user authentication credentials based on items that the user has ...

CIO

business process reengineering (BPR)
Business process reengineering (BPR) is a management practice in which business processes used are radically redesigned to ...
innovation management
Innovation management involves the process of managing an organization's innovation procedure, starting at the initial stage of ...
radical innovation
Radical innovation is an invention that destroys or supplants an existing business model.

HRSoftware

employee resource group (ERG)
An employee resource group is a workplace club or more formally realized affinity group organized around a shared interest or ...
employee training and development
Employee training and development is a set of activities and programs designed to enhance the knowledge, skills and abilities of ...
employee sentiment analysis
Employee sentiment analysis is the use of natural language processing and other AI techniques to automatically analyze employee ...

Customer Experience

customer profiling
Customer profiling is the detailed and systematic process of constructing a clear portrait of a company's ideal customer by ...
customer insight (consumer insight)
Customer insight, also known as consumer insight, is the understanding and interpretation of customer data, behaviors and ...
buyer persona
A buyer persona is a composite representation of a specific type of customer in a market segment.

Close