Over the years, travelers have been warned against using public Wi-Fi in places like airports and cafes. Airport Wi-Fi, in particular, is considered a hacking honeypot because its security is often relatively lax. But while many people know they should stay away from free Wi-Fi, it's proven irresistible to both travelers and hackers, who are now updating old cybercrime tactics to exploit it.
one Arrested in Australia This summer's cybercrimes have set off alarm bells in the United States, as cybercriminals are finding new ways to profit from so-called “evil twin” attacks. Also belongs to a type of cybercrime called a “man-in-the-middle” attack. evil twin This happens when a hacker or hacker group sets up a fake Wi-Fi network, usually in a public environment where many users are expected to be connected.
In this incident, an Australian man has been accused of carrying out Wi-Fi attacks on domestic flights and airports in Perth, Melbourne and Adelaide. He allegedly set up a fake Wi-Fi network to steal email or social media credentials.
“As the general public becomes more accustomed to free Wi-Fi everywhere, evil twin attacks will become more common,” said Matt Radolec, vice president of incident response and cloud operations at data security company Varonis.
“It's almost a game to see how fast you can click 'Accept' and then 'Sign In' or 'Connect.' That's the strategy, especially when visiting a new location; when a user sees a fake website, They may not even know what a legitimate website should look like,” Radolec said.
Today’s “evil twins” are easier to hide
One of the dangers of today's twin attacks is that the technology is easier to disguise. The evil twin can be a tiny device that can be hidden behind a monitor in a coffee shop, and this small device can have a big impact.
Brian Alcorn, an IT consultant in Cincinnati, said: “Devices like this can provide eye-catching copy of a valid login page, which may invite unwary device users to enter their username and password, which will then be collected for future exploitation. .
The website doesn't even need to actually log you in. Think about it.
People who are careless with their passwords, such as using their pet's name or favorite sports team as the password for everything, are more vulnerable to the evil twin. Alcorn said that for individuals who reuse username and password combinations online, once the credentials are obtained and fed into artificial intelligence, the power of artificial intelligence can quickly provide cybercriminals with the keys.
“You're vulnerable to being exploited by people who have less than $500 worth of equipment and less skills than you think,” Alcorn said. “An attacker only needs basic IT skills.”
How to avoid becoming a victim of this cybercrime
Experts say it's best to use alternatives to public WiFi networks when in public places.
“My favorite way to avoid evil twin attacks is to use your phone's mobile hotspot if possible,” said Brian Callahan, director of the Rensselaer Cybersecurity Collaboratory at Rensselaer Polytechnic Institute.
Users will be able to detect attacks if they rely on their mobile data and share data via mobile hotspots.
“You know the name of the network since it was created and can set a strong password on it that only you know to connect to,” Callahan said.
Callahan said that if a hotspot isn't an option, a VPN can also offer some protection because Traffic to and from the VPN should be encrypted.
“So even if other people can see the data, there's nothing they can do about it,” he said.
Airport and airline network security issues
In many airports, responsibility for WiFi is outsourced, and the airport itself has little involvement in securing WiFi. For example, at Dallas-Fort Worth International Airport, Boingo is the Wi-Fi provider.
“The airport's IT team does not have access to their systems, and we cannot see usage and dashboards,” airport spokesman For said. “The network is isolated from DAL's systems in that it is a separate, independent system with no direct connection to any City of Dallas network or internal systems.”
Boingo serves about 60 airports in North America, and a spokesman said the company can identify rogue Wi-Fi access points through network management. “The best way to protect your passengers is to use Passpoint, which uses encryption to automatically connect users to authenticated Wi-Fi for a secure online experience,” she said, adding that Boingo has been offering it since 2012 Provides Passpoint to enhance Wi-Fi security and safety.
Alcorn said that “evil twin” attacks “definitely” happen frequently in the United States, but few are caught because they are stealth attacks. Sometimes hackers use these attacks as learning models. “Many evil twin attacks are probably conducted by individuals with beginner to intermediate skills just to see if they can do it and get away with it, even if they don't immediately use the information gathered,” he said.
Australia's surprise was not the evil twin attacks themselves, but the arrests.
“This incident is not unusual, but the suspect's arrest is unusual,” said Aaron Walton, a threat analyst at managed services security company Expel. “Generally speaking, airlines are not equipped and prepared to handle or mediate hacking allegations. .The typical lack of arrests and punitive actions should prompt travelers to be wary of their data, knowing what a tempting and often unguarded target it is—especially at airports.
According to the Australian Federal Police, dozens of people have had their documents stolen in cases in Australia.
According to an AFP press release, “When people try to connect their devices to free WiFi networks, they are taken to a fake web page asking them to log in using their email or social media login credentials.” The details are then saved to that person's device.
Once these credentials are obtained, they can be used to extract further information from the victim, including bank account information.
For hackers to be successful, they don't have to fool everyone. If they can convince only a handful of people – which is statistically easy to do when thousands of hurried and hurried people mill around an airport – they will succeed.
“We want Wi-Fi everywhere. When you go to a hotel, the airport, a coffee shop, or even just out and about, we want Wi-Fi there, and often free Wi-Fi,” Callahan said. “After all, when you're at the airport, what's another network name on the long list? Attackers don't need everyone connected to their evil twin, just some people continuing to put credentials into websites that can be stolen.” .
Next time you're at the airport, the only way to ensure 100% security is to bring your own Wi-Fi.