Just two days after an investigation revealed how much personal information public Wi-Fi networks can ‘suck’ from phones, a child has shown how easy the hotspots are to hack.
A seven-year-old broke into a Wi-Fi hotspot in just 10 minutes and 54 seconds after watching an online video tutorial.
The ethical hacking demo was carried out under the supervision of an online security expert to highlight just how vulnerable the networks are.
Experts predict that attacks on free, public Wi-Fi networks will rise in 2015.
An investigation by 5 News earlier this week found that hackers can force customers in a café to switch their phones from a legitimate Wi-Fi network to a fake one, without them knowing.
This made it possible for thieves to access phones, hack email accounts, steal login details, track people's movements and access online bank accounts.
To put these dangers into perspective, virtual private network (VPN) provider Hidemyass.com (HMA) recruited a child to attack a public network.
Betsy Davies from Dulwich in South London hacked a willing participant’s laptop while they were connected to an open Wi-Fi network.
She began by searching for, and watching, a freely available video tutorial detailing how to hack a network - a Google search returns over 11 million results, and YouTube lists almost 14,000 tutorials.
The schoolgirl then set up a Rogue Access Point - frequently used by attackers to activate what is known as a ‘man in the middle’ attack, and began eavesdropping on, or ‘sniffing’ traffic.
Rogue Access Points are wireless access points, installed on a company’s network without the company’s knowledge.
These access points override the legitimate network, allowing the hacker to launch an attack and intercept data.
During this hack, Ms Davies was effectively sitting between the legitimate Wi-Fi network and the customer’s laptop, which is why it is dubbed a ‘man in the middle’ attack.
STAYING SAFE ON WI-FI NETWORKS
Ensure a network is genuine: Check the name of the network with a shop worker.
Check the lock: Secure websites display a green padlock symbol, also known as Https. Make sure this is present when using a site that handles personal data and avoid accessing sensitive documents or pages using public Wi-Fi.
Use a Virtual Private Network (VPN): Not all sites display the Https lock symbol, but a VPN will act as an intermediary between the device and the internet server.
Downloading an app? Check permissions: Before installing, make sure apps can't access unnecessary information. For example, a drawing app shouldn't need a contacts list.
Forget the network: When leaving a publich network, don’t just log off, ask the device to forget the network so it doesn’t automatically log on when in range later.
The experiment was overseen by independent online security expert Marcus Dempsey.
He is hired by companies to check the robustness of their network systems.
‘The results of this experiment are worrying but not entirely surprising,’ said Mr Dempsey.
‘I know just how easily a layman can gain access to a stranger’s device, and in an age where children are often more tech-literate than adults, hacking can literally be child’s play.’
‘Adults need to get their heads around online security basics - and stick to them whenever they connect to an unsecure network.
‘As for children, while it’s admirable educators are focusing on skills like coding, it’s important to teach them about the dangers that lurk online, as well instilling a clear sense of the ethics – just as we did with the child that participated in this experiment.
‘After all, as easily as one can now code a computer game, so one can fall into the dark world of hacking.’
A recent Cabinet Office report revealed more than half of people in the UK have fallen victim to cybercriminals.
According to follow-up research by HMA, nearly two thirds (59 per cent) of people regularly use unsecure, or ‘open’ Wi-Fi hotspots with one in five (20 per cent) doing so weekly or more.
Among those who use these unsecured networks, 19 per cent log on to online banking and 31 per cent send emails and personal documents.
Cian McKenna-Charley, marketing director at HMA added: ‘The image of cyber criminals hiding in a dark room in some far-flung part of the world is antiquated - they are just as likely to be sitting next to you in a coffee shop or public library.
‘And if a child can perform a basic hack on a Wi-Fi network in minutes, imagine the damage a professional criminal hacker could do.’
No comments:
Post a Comment