Purchase photos

WiFi hot spot security threat is real

5/8/2013

By RANDY GONZALES

By RANDY GONZALES

rgonzales@dailynews.net

The good news is public Wi-Fi hot spots are easily accessible. That's also the bad news.

There are more than 66,000 Wi-Fi networks in the country available to consumers and cybercriminals alike.

Locally, both Eagle Communications and Nex-Tech provide several hot spots for consumers. They urge consumers to exercise caution when using public Internet access.

"If people understood what some people are capable of in the world, it probably would freak them out, probably wouldn't log on to a Wi-Fi hot spot," said Eagle Communications general manager Travis Kohlrus.

According to ThreatMatrix, a cybercrime prevention leader, there are different ways criminals can exploit public Wi-Fi hot spots.

* Network scanners: A network scanner detects open ports on a device that's connected to a network. A cybercriminal can integrate a network scanner with hacking tools to automatically exploit system vulnerabilities, giving the person creating the fraud complete control of a customer's device.

* Man-in-the-middle attacks: Hackers use off-the-shelf or other devices configured as "hotspot honeypots" to intercept a user's Internet connection, granting the hacker full access to the user's network connection. This allows them to launch man-in-the-middle attacks such as website redirection, session hijacking and other network-based attacks.

* Social hacking: Cybercriminals can leave a malicious USB drive on a table for an unsuspecting, curious customer to insert it into a device. The attacker then can capture sensitive information, such as social network log-ins.

SBlt High-res cellphone cameras: Cybercriminals subtly can use a high-resolution video camera on a mobile device to capture a nearby user's activity. For example, a consumer might enter credit card information or email log-in into a device while waiting in line, without knowing a cybercriminal is capturing video of the credentials.

The company recommends the most effective way for consumers to keep their banking and other personal information protected is to alter their behavior while using public Internet access and to frequently update their operating system and anti-virus software.

"If the computer you're using is not secured properly, you open yourself up to potential threats," said Nex-Tech sales manager Steve Riat. "It's not something we as Nex-Tech can control."

Justin McClung, Internet/network solutions manager at Nex-Tech, said consumers need to be aware of what sited they are visiting while at public locations, using airports as an example. There might be several "free" Wi-Fi hot spots, but be sure you are connecting to the one provided by the airport.

"Scammers wouldn't do it if people weren't falling for it," McClung said.