It's time to take the warnings about using public Wi-Fi at the airport seriously

Over the years, travelers have been repeatedly warned to avoid public Wi-Fi in places like airports and coffee shops. Airport Wi-Fi in particular is considered a hacker honeypot because of its typically lax security measures. But while many people know to avoid free Wi-Fi, it is proving just as compelling to travelers as it is to hackers, who are now updating an old cybercrime tactic to take advantage.

After an arrest in Australia over the summer, alarm bells rang in the US that cybercriminals were finding new ways to profit from so-called “evil twin” attacks. Also classified as a type of “man-in-the-middle” attack, an evil twin attack occurs when a hacker or hacker group sets up a fake Wi-Fi network, often in public areas where many users can connect.

In this case, an Australian was accused of carrying out a Wi-Fi attack on domestic flights and at airports in Perth, Melbourne and Adelaide. He is alleged to have set up a fake Wi-Fi network to steal email or social media credentials.

“As the general population becomes more accustomed to free Wi-Fi everywhere, expect evil twin attacks to become more common,” said Matt Radolec, vice president of incident response and cloud operations at data security firm Varonis, adding that nobody reads the general terms and conditions or checks the URLs on free Wi-Fi.

“It's almost a game to see how quickly you can click 'Accept' and then 'Sign In' or 'Connect.' That’s the trick, especially when visiting a new location; a user may not even know what a legitimate website should look like when presented with a fake website,” Radolec said.

Today's “evil twins” can hide more easily

One of the dangers of today's evil twin attacks is that the technology is much easier to hide. An evil twin could be a tiny device hidden behind a display in a coffee shop, and the small device can have a big impact.

“A device like this can provide a convincing copy of a valid login page that could prompt unwary device users to enter their username and password, which would then be collected for future exploitation,” said Cincinnati-based IT consultant Brian Alcorn.

You don't even have to register on the website. “Once you enter your information, the deed is done,” Alcorn said, adding that a stressed-out, tired traveler would probably just think the airport Wi-Fi was having problems and never give it another thought.

People who aren't careful with passwords, such as those who use the name of their pet or favorite sports team as the password for everything, are even more vulnerable to an evil twin attack. Alcorn says that for people who reuse username and password combinations online, the credentials, once obtained, can be fed into AI, where its power can quickly give cybercriminals the key.

“You are vulnerable to exploitation by someone who has less than $500 in equipment and fewer skills than you can imagine,” Alcorn said. “The attacker only needs to be motivated by basic IT knowledge.”

Here's how to avoid becoming a victim of this cybercrime

Experts say that in public places, it's best to use alternatives to public Wi-Fi networks.

“My favorite way to avoid evil twin attacks is to use your phone's mobile hotspot when possible,” said Brian Callahan, director of the Rensselaer Cybersecurity Collaboratory at Rensselaer Polytechnic Institute.

Users would be able to spot an attack if they use mobile data on a phone and share it through a mobile hotspot.

“You will know the name of that network since you created it, and you can enter a strong password that only you know to connect,” Callahan said.

If a hotspot isn't an option, a VPN can also provide some protection, Callahan said. Traffic to and from the VPN must be encrypted.

“So even if someone else can see the data, they can’t do anything about it,” he said.

Internet security issues for airports and airlines

At many airports, responsibility for WiFi is outsourced and the airport itself has little or no involvement in securing it. At Dallas Fort Worth International Airport, for instance, Boingo is the Wi-Fi provider.

“The airport's IT team does not have access to its systems, nor can we view usage and dashboards,” said For, an airport spokesman. “The network is isolated from the DAL systems as it is a separate, standalone system with no direct connection to the City of Dallas’ networks or systems internally.”

A spokeswoman for Boingo, which serves about 60 airports in North America, said the company can identify unwanted Wi-Fi access points through its network management. “The best way to protect passengers is to use Passpoint, which uses encryption to automatically connect users to authenticated Wi-Fi, providing a secure online experience,” she said, adding that Boingo has been offering Passpoint since 2012 to enhance Wi-Fi security and eliminate the risk of connecting to malicious hotspots.

According to Alcorn, evil twin attacks “definitely” occur regularly in the United States, but it's rare for someone to get caught because they are stealth attacks. And sometimes hackers use these attacks as a learning model. “Many evil twin attacks can be carried out experimentally by people with beginner to advanced knowledge just to see if they can do it and get away with it, even if they don't immediately use the information they've gathered,” he said.

The surprise in Australia was not the evil twin attack itself, but the arrest.

“This incident is not an isolated incident, but it is unusual for the suspect to have been arrested,” said Aaron Walton, threat analyst at Expel, a managed services security company. “In general, airlines are not equipped and prepared to handle or mediate hacking allegations. The typical lack of arrests and punitive actions should motivate travelers to be careful with their own information, knowing what a tempting and usually unguarded target it is – especially at…

In the Australian case, dozens of people's IDs were stolen, according to the Australian Federal Police.

An AFP press release said: “When people tried to connect their devices to the free Wi-Fi networks, they were redirected to a fake website where they had to log in using their email or social media logins. This data was then allegedly stored on the man’s devices.”

Once these credentials are collected, they might be used to extract further information from victims, including checking account information.

For hackers to succeed, they don't have to fool everyone. If they can persuade only a handful of people – which is statistically easy when there are literally thousands of harried and hurried people milling around an airport – they may succeed.

“We assume that Wi-Fi is available everywhere. When you go to a hotel, to the airport, to a coffee shop, or even just on the go, we expect there to be Wi-Fi, and often free Wi-Fi,” Callahan said. “After all, what’s one more network name in the long list if you’re in an airport? An attacker doesn't need everyone to connect to his evil twin, just a few people who then enter credentials into websites that can be stolen.”

Next time you're at the airport, the only way you can be 100% secure is to bring your own Wi-Fi.
