Travelers have been repeatedly warned over the years to avoid public Wi-Fi in places like airports and coffee shops. Airport Wi-Fi in particular is known to be a honeypot for hackers, as security is often relatively lax. But even though many people know that it’s better not to take advantage of free Wi-Fi, it turns out that free Wi-Fi is attractive to travelers as well as hackers. . They are now trying to update and utilize old cybercrime tactics.
Ann arrested in australia Over the summer, alarm bells were sounded in the United States that cybercriminals were finding new ways to profit from so-called “evil twin” attacks. It is also classified as a type of cybercrime called “man-in-the-middle attack.” evil twin It occurs when a hacker or group of hackers sets up a fake Wi-Fi network. It often occurs in public places where many users are expected to connect.
In this case, an Australian man was charged with conducting Wi-Fi attacks on domestic flights and airports in Perth, Melbourne and Adelaide. He allegedly set up a fake Wi-Fi network to steal email and social media credentials.
“As the general public becomes accustomed to ubiquitous free Wi-Fi, we expect evil twin attacks to become more common,” said Matt Radleck, vice president of incident response and cloud operations at data security firm Varonis. ”, he said, adding that no one had read it. Please check the free Wi-Fi terms of use and URL.
“How fast is this?[同意する]Click then[サインイン]or[接続]It’s like a game where you compete to see who can click. “This is a ploy, especially when visiting a new location, and if a fake site appears, the user may not even know what the legitimate site looks like,” Radreck said.
Today’s “evil twin” can hide more easily
One of the dangers of today’s twin attacks is that this technology is much easier to disguise. The evil twin can be a small device hiding behind a coffee shop display, and that small device can have serious consequences.
“Such devices can provide a convincing copy of a valid login page, giving unwary device users the ability to enter usernames and passwords,” said Brian Alcorn, a Cincinnati-based IT consultant. “It may prompt you for input and may be collected for future exploitation.”
This site doesn’t even require you to actually log in. “Once you enter your information, you’re done,” Alcorn said, adding that hurried and tired travelers will probably just think there’s a problem with the airport’s Wi-Fi and don’t think anything about it. please.
People who aren’t careful with their passwords, such as using their pet’s name or their favorite sports team as any password, are even more vulnerable to evil twin attacks. Alcorn said individuals who reuse username and password combinations online can capture credentials that are fed into AI, an ability that could quickly give cybercriminals the keys.
“You can be exploited by someone with less than $500 worth of equipment and less skill than you might think,” Alcorn said. “All an attacker needs is motivation and basic IT skills.”
How to avoid becoming a victim of this cybercrime
Experts say it’s best to use alternatives to public WiFi networks in public places.
“My favorite way to avoid evil twin attacks is to use a mobile hotspot on your phone if possible,” said Brian Callahan, director of the Rensselaer Cybersecurity Collaboration at Rensselaer Polytechnic Institute. .
Users can detect attacks by relying on mobile data on their phones and sharing it via mobile hotspots.
“You know the name of the network from the time you created it, so you can connect by setting a strong password that only you know,” Callahan said.
If a hotspot isn’t an option, Callahan says a VPN can also provide some protection. Traffic to and from your VPN must be encrypted.
“So even if someone else could see the data, they can’t do anything about it,” he said.
Internet security issues at airports and airlines
At many airports, the responsibility for WiFi is outsourced, and the airport itself has little involvement in securing the WiFi. For example, Boingo is the Wi-Fi provider at Dallas-Fort Worth International Airport.
“The airport’s IT team has no access to the system and cannot view usage or dashboards,” an airport spokesperson said. “This network is separate from DAL’s systems because it is an independent, standalone system that is not directly connected to the City of Dallas’ network or internal systems.”
A spokesperson for Boingo, which serves about 60 airports in North America, said the company can identify rogue Wi-Fi access points through its network management. “The best way to protect passengers is to use Passpoint, which uses encryption to automatically connect users to authenticated Wi-Fi for a secure online experience,” she said, adding that Boingo has offered Passpoint since 2012 to strengthen Wi-Fi security, eliminating the risk of connecting to malicious hotspots.
Alcorn said evil twin attacks “definitely” occur regularly in the United States, and that it’s rare for someone to get caught because they’re such a stealth attack. Hackers may also use these attacks as learning models. “Many of the evil twin attacks are experimental experiments to see if individuals with novice to intermediate skills can execute and avoid them, even if they don’t immediately use the information they gather,” he said. It could be something.”
What was surprising in Australia was not the evil twin attack itself, but the arrest.
“While this incident is not unusual, it is unusual that the suspect was arrested,” said Aaron Walton, threat analyst at managed services security firm Expel. “Airlines are generally not equipped or prepared to handle or mediate hacking accusations. The typical lack of arrest or punitive action leaves travelers with no access to their data. You should be especially careful at airports, recognizing how tempting and usually unsuspecting targets they are.
In the Australian case, dozens of people had their credentials stolen, according to the Australian Federal Police.
According to an AFP press release, “When people tried to connect their devices to free WiFi networks, they were directed to a fake webpage that asked them to sign in using their email or social media logins. These details were then allegedly saved on the man’s device. ”
Once these credentials are collected, they can be used to extract further information from the victim, such as bank account information.
Hackers don’t have to fool everyone to be successful. If they can convince just a handful of people — which is statistically easier to do with thousands of people milling around airports in a hurry — they will succeed.
“We expect Wi-Fi everywhere. Whether you go to a hotel, the airport, a coffee shop, or just go out, there is Wi-Fi and often free Wi-Fi. -I hope there is FI,” Callahan said. “After all, when you’re at the airport, what’s the name of another network on a long list? An attacker doesn’t need everyone to connect to the evil twin, just some, so they can be stolen. Enter your credentials on the relevant website.
The only way to be 100% safe the next time you go to the airport is to bring your own Wi-Fi.