It’s time to take the warnings about using airport public Wi-Fi seriously

Over the years, travelers have been repeatedly warned to avoid public Wi-Fi in places like airports and coffee shops. Airport Wi-Fi, in particular, is known as a hacker honeypot, due to its often lax security. But while many people know they should stay away from free Wi-Fi, it seems as irresistible to travelers as it is to hackers, who are now revising an old cybercrime tactic to their advantage.

The arrests in Australia over the summer raised alarms in the United States that cybercriminals are finding new ways to profit from so-called “bad twin” attacks. Also classified as a type of cybercrime called “Man in the Middle”, malicious hacking occurs when a hacker or hacking group sets up a fake Wi-Fi network, often in public settings where many users can be expected to connect.

In this case, an Australian man was charged with Wi-Fi attacks on domestic flights and airports in Perth, Melbourne, and Adelaide. He allegedly set up a fake Wi-Fi network to steal emails or social media information.

“As society has become more accustomed to unleashing Wi-Fi everywhere, you would expect malicious twin attacks to become more common,” said Matt Radolec, vice president of incident response and cloud operations at data security firm Varonis, adding that no one learns. terms and conditions or checking URLs on free Wi-Fi.

“It’s almost a game to see how quickly you can click ‘accept’ and then ‘sign in’ or ‘connect.’ This is a strategy, especially when visiting a new site, the user may not even know how the official site should look when presented with a fake domain,” said Radolec.

Today’s ‘evil twins’ can hide easily

One of the dangers of twin attacks today is that technology is so easy to hide. The evil twin can be a small device and can be tucked behind a display in a coffee shop, and a small device can have a big impact.

“A device like this could provide a compelling copy of a valid login page, potentially inviting unsuspecting device users to enter their username and password, which would then be collected for future use,” said Cincinnati-based IT consultant Brian Alcorn.

The site doesn’t even have to actually import you. “Once you enter your information, the deed is complete,” Alcorn said, adding that a tired, weary traveler might think the airport’s Wi-Fi has issues. and don’t give it another thought.

People who are not careful with their passwords, such as using the names of their pets or favorite sports teams as their passwords for everything, are more vulnerable to the evil twin attacks. Alcorn says that for people who reuse username and password combinations online, once the credentials are found they can be fed into AI, where its power can quickly give hackers the key.

“You’re at risk of being taken advantage of by someone with less than $500 worth of equipment and less skill than you might think,” Alcorn said. “An attacker just has to be motivated with basic IT skills.”

How to avoid becoming a victim of this online crime

If you are in public places, experts say it is better to use other methods instead of public WiFi networks.

“My favorite way to avoid a nasty twin attack is to use your phone’s hotspot whenever possible,” said Brian Callahan, Director of the Rensselaer Cybersecurity Collaboratory at Rensselaer Polytechnic Institute.

Users will be able to detect the attack if the phone relies on its mobile data and share it through a mobile hotspot.

“You’ll know the name of that network once you’ve done it, and you can enter a strong password that only you know to connect to it,” Callahan said.

If a hotspot isn’t an option, a VPN can also provide some protection, says Callahan, such as traffic must be encrypted to and from the VPN.

“So even if someone else can see the data, they can’t do anything about it,” he said.

Airport, airline cyber security issues

In most airports, responsibility for WiFi is outsourced and the airport itself has little if any involvement in securing it. At Dallas Fort Worth International Airport, for example, Boingo is the Wi-Fi provider.

“The airport’s IT team does not have access to its systems, and we are unable to see the use of the dashboards,” said an airport spokesperson. “The network is separate from the DAL systems as it is an independent system that is not directly connected to any networks or systems of the City of Dallas.”

A spokesman for Boingo, which provides assistance at about 60 airports in North America, said it can identify rogue Wi-Fi access points through its network management. “The best way to protect passengers is to use Passpoint, which uses encryption to automatically connect users to authenticated Wi-Fi for a secure online experience,” he said, adding that Boingo has provided Passpoint since 2012 to improve Wi-Fi security. Fi and security. remove the risk of connecting to malicious sites.

Alcorn says that serious twin attacks “definitely” happen all the time in the United States, and it’s rare that someone gets caught because the attacks are fake. And sometimes hackers use this attack as a learning model. “Several twin attacks may be experiments with medium-to-medium skill people to see if they can do it and be successful, even if they don’t use the information gathered immediately,” he said.

The surprise in Australia was not the terrible twinning attack itself, but the arrest.

“This incident is not unique, but it is unusual for a suspect to be arrested,” said Aaron Walton, a threat analyst at Expel, a private security company. “In general, airlines are not equipped and not ready to handle or mediate suspected hacking. The lack of arrests and punishments should motivate travelers to be careful with their data, knowing what is tempting and often unguarded – especially when the airport.”

In the case of Australia, according to the Australian Federal Police, a lot of people have their books stolen.

According to an AFP press release, “When people tried to connect their devices to free WiFi networks, they were taken to a fake web page that required them to sign in using their email or social media login. Those details were then stored on the man’s devices.”

Once that information is harvested, it can be used to extract additional information from victims, including bank account information.

For hackers to be successful, they don’t have to fool everyone. If they can persuade just a few people – mathematically easy to do when thousands of harassed and rushed people are circling the airport – they will succeed.

“We expect WI-Fi to be everywhere. If you go to a hotel, or an airport, or a coffee shop, or even just going out, we expect there to be Wi-Fi and free WI-FI,” Callahan said. “Well, what’s another network name on a long list if you’re at an airport? An attacker doesn’t need everyone to connect to his evil twin, only people who keep entering information on websites that can be stolen. .”

Next time you’re at the airport, the only way to be sure you’re safe is to bring your own Wi-Fi.