Risks of Using Public Wi-Fi

Introduction

Mobile working enables the business to be flexible and allows key Team members to work remotely and provide services that would otherwise require on-site work. For certain team members, this means that key IT infrastructure can be brought back online remotely and issues resolved without the need to travel to site, which would further delay the resolution, with the potential loss of business and of your ability to trade. For other workers, it means less travel and cost savings on desk space, as well as allowing team members to be productive whilst on the road.

Synopsis

Allowing team members to work from remote locations comes with advantages. However, remote working is not without its risks. If Team members work from cafés, on trains, or in airports, they significantly increase the risk of becoming victims of cybercrime, which has the potential to damage your reputation and ability to trade.

Executive summary

When considering whether to connect to the public Wi-Fi network at your local coffee shop, the airport, etc., bear in mind the massive flaw discovered in WPA2, the encryption standard that secures all modern Wi-Fi networks. These networks are outside the control of the Security and Infrastructure teams. This means that IT teams are unable to guarantee that you are not at risk from cybercrime.

One of the biggest threats with free Wi-Fi is the ability for hackers to position themselves between you and the connection point. So, instead of talking directly with the hotspot, you end up sending your information to the hacker. The hacker also has access to every piece of information you send out—emails, phone numbers, credit card information, business data, the list goes on. And once a hacker has that information, you’ve basically given them the keys to the kingdom. While you may think ‘okay, I’m not checking my personal email or logging into my bank account, I’m just checking the sports scores,’ remember anything you do on a public Wi-Fi network is NOT secure. Any information you share or access on these networks is as good as gone.

The mantra when connecting to these public free hotspots should be “Do I REALLY need to connect?”

Risk Matrix Scoring

Risk Probability Ratings:

| Description | Descriptor | Scale |
|---|---|---|
| May only occur in exceptional circumstances, highly unlikely | Very Low | 1 |
| Is unlikely to occur in normal circumstances, but could occur at some time | Low | 2 |
| Likely to occur in some circumstances or at some time | Moderate | 3 |
| Is likely to occur at some time in normal circumstances | High | 4 |
| Is highly likely to occur at some time in normal circumstances | Very High | 5 |

Risk Impact Ratings:

| Description | Descriptor | Scale |
|---|---|---|
| Insignificant disruption to internal business or corporate objectives; little or no loss of front-line service; no environmental impact; no reputational impact; low financial loss <£100k | Negligible | 1 |
| Minor disruption to internal business or corporate objectives; minor disruption to front-line service; minor environmental impact; minor reputational impact; moderate financial loss >£100k <£500k | Marginal | 2 |
| Noticeable disruption to internal business and corporate objectives; moderate direct effect on front-line services; moderate damage to environment; extensive reputational impact due to press coverage; regulatory criticism; high financial impact >£500k <£1m | Significant | 3 |
| Major disruption to corporate objectives or front-line services; high reputational impact (national press and TV coverage); major detriment to environment; minor regulatory enforcement; major financial impact >£1m <£2.5m | Critical | 4 |
| Critical long-term disruption to corporate objectives and front-line services; critical reputational impact; regulatory intervention by Central Govt.; significant damage to the environment; huge financial impact >£2.5m | Catastrophic | 5 |

Risks of Using Public Wi-Fi

There are dozens of online tutorials showing hackers how to compromise public Wi-Fi, some of them with millions of views. The most common method of attack is known as “Man in the Middle.” In this simple technique, traffic is intercepted between a user’s device and the destination by making the victim’s device think the hacker’s machine is the access point to the internet. A similar, albeit more sinister, method is called the “Evil Twin.” Here’s how it works: You log on to the free Wi-Fi in your hotel room, thinking you’re joining the hotel’s network. But somewhere nearby, a hacker is boosting a stronger Wi-Fi signal off of their laptop, tricking you into using it by labelling it with the hotel’s name. Trying to save time and company money, and recognizing the name of the hotel, you innocently connect to the hacker’s network. As you surf the web or do your online banking, all your activity is being monitored by this stranger.
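The Evil Twin scenario described above leaves traces a defender can check for in a Wi-Fi scan. The following is an added example, not part of the original article: a heuristic check over constructed scan data, where the record layout, the allowlist and the 20 dB threshold are all assumptions.

```python
from collections import defaultdict

# Constructed sample scan (not real networks): signal is in dBm, higher is stronger.
SAMPLE_SCAN = [
    {"ssid": "HotelGuest", "bssid": "02:00:00:aa:00:01", "security": "WPA2", "signal": -67},
    {"ssid": "HotelGuest", "bssid": "02:00:00:aa:00:02", "security": "WPA2", "signal": -71},
    {"ssid": "HotelGuest", "bssid": "02:00:00:ff:00:09", "security": "Open", "signal": -38},
    {"ssid": "CafeWiFi", "bssid": "02:00:00:bb:00:01", "security": "Open", "signal": -60},
]

# Hypothetical allowlist: BSSIDs confirmed as genuine by the venue or the IT team.
KNOWN_BSSIDS = {"HotelGuest": {"02:00:00:aa:00:01", "02:00:00:aa:00:02"}}


def find_suspect_aps(scan, known_bssids, signal_gap_db=20):
    """Return (ssid, bssid, reasons) for access points that look like an evil twin."""
    by_ssid = defaultdict(list)
    for ap in scan:
        by_ssid[ap["ssid"]].append(ap)

    findings = []
    for ssid, aps in by_ssid.items():
        has_encrypted = any(ap["security"] != "Open" for ap in aps)
        allowed = known_bssids.get(ssid)  # None when no allowlist exists for this SSID
        for ap in aps:
            reasons = []
            if allowed is not None and ap["bssid"] not in allowed:
                reasons.append("BSSID not on allowlist")
            if has_encrypted and ap["security"] == "Open":
                reasons.append("open copy of an encrypted SSID")
            peers = [p["signal"] for p in aps if p is not ap]
            if peers and ap["signal"] - max(peers) >= signal_gap_db:
                reasons.append("much stronger signal than peers")
            if reasons:
                findings.append((ssid, ap["bssid"], reasons))
    return findings


if __name__ == "__main__":
    for ssid, bssid, reasons in find_suspect_aps(SAMPLE_SCAN, KNOWN_BSSIDS):
        print(f"{ssid} {bssid}: {', '.join(reasons)}")
```

A clean result does not prove a network is genuine: a twin that copies the real security settings and transmits at a similar power passes every check here unless an allowlist exists.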

Below is a table of the most common types of cybercrime that your company could be exposed to from using Free Public Wi-Fi along with the risk probability and the Risk Rating scores.

| Risk | Description | Probability | Rating |
|---|---|---|---|
| Rogue Wi-Fi networks | Team Members could be tricked into using a rogue Wi-Fi network set up by an attacker. That network, enticingly called “Free Wi-Fi”, may be set up precisely to harvest your business’s valuable data. | 4/5 | 3/4 |
| Man-in-the-middle attacks | Connecting to free, public Wi-Fi brings business risks from having your company data intercepted by third parties. This is because hackers have the ability to position themselves between your Team Members who are using the Wi-Fi and the connection point. | 4 | 5 |
| Distribution of malware over unsecured Wi-Fi | Hackers can also use an unsecured Wi-Fi connection to distribute malware. Having infected software on your computers and devices can be financially crippling to your business. | 3 | 5 |
| Snooping and sniffing | Another public Wi-Fi risk is hackers using special software kits enabling them to eavesdrop on Wi-Fi signals. This allows cybercriminals to access everything your remote workers are doing online, potentially enabling them to capture login credentials and even hijack your accounts. | 4 | 4 |
| Malicious attacks through ad-hocs | Ad hocs are peer-to-peer networks which connect two computers directly. When remote workers use a public Wi-Fi network, their devices are likely to be set to discover new networks, making it possible for hackers to connect directly to them. | 3 | 5 |
| Password and username vulnerability | Using public Wi-Fi makes Team Members vulnerable to having passwords and usernames stolen when they log on. Websites utilizing secure socket layer or HTTPS provide a needed level of security; however, this would still not stop the computer being directly attacked. | 3 | 5 |
| Exposure to worm attacks | Worms act much like viruses, with one key difference. Viruses must have a program to attack in order to successfully compromise a system, while worms can wreak havoc all by themselves. When connected to a public Wi-Fi, you run the risk of a worm travelling from another device that’s connected to the network to your computer. | 2 | 4 |
| Installation of IMRATs | IMRATs are malicious remote control and command pieces of software that can give an attacker direct access to the computer, allowing them to remotely view the documents stored and keyboard presses and to access the hard drive and other computer functions. This can even be executed when the computer leaves the public Wi-Fi and can be undetectable even by firewall and anti-malware solutions. | 4 | 5 |
| Physical security | Not all security is related to protecting the Company network and devices; it also covers Team members. Lost or stolen laptops and devices can be used to gain access to the internal network, and using high-value assets in a public place may put the user at risk of harm or serious physical injury. | 3 | 4 |

Mitigations 

Using unsecured public Wi-Fi can allow others to see important emails, encrypted messages and unsecured logins. Of course, it would be possible for a cybercriminal to use the access to hack the corporate device as well. Here are important steps to take before using public Wi-Fi:

  • Convert to the more secure HTTPS for your website and applications, if you haven’t already done so. HTTPS-enabled websites provide critical security and protect users’ personal information such as login credentials.
  • Set up a virtual private network (VPN) for your company network. This should be an always-on VPN connection to your network, shielding remote workers’ activity from cybercriminals on public Wi-Fi.
  • Advise remote users to turn off Wi-Fi auto-connect settings and Bluetooth discoverability settings. This helps prevent hackers from gaining direct peer-to-peer access to user devices without them realizing it.
  • Ensure that all remote workers have a firewall enabled on devices at all times.
  • Make sure your network and all worker devices are covered by good anti-malware software, including anti-sniffing protection.
  • Use a mobile hotspot provided through your mobile carrier, or tether laptops to a mobile device, and avoid using public Wi-Fi altogether.
  • Set up policies regarding the above, and periodically educate workers so they understand the risks and the importance of taking protective steps.
  • Turn off file sharing and utilise the Windows and macOS features to enable Public Hotspot mode, which adds an extra hurdle for potential hackers to overcome.
  • Ensure that you are not shoulder surfed and that you are aware of your surroundings. If you feel uncomfortable, pack the laptop away and move to a new, more populated area.

Recommendations

To ensure that your business and Team members remain safe, both in a cyber and a personal sense, the following recommendations should be put into place, in addition to providing further information to remote workers on how to remain safe and protect the business from undue risks:

  • An always-on VPN Solution that does not allow split tunnelling 
    • This means that the VPN will always be on and active without the user needing to remember
    • Block all internet traffic that is not sent over the VPN
    • Ensure that Windows updates can be sent over the VPN line
  • Remove the Split tunnel to remove the possibility of connecting to home networked servers or other computers 
    • This will ensure that all traffic is secure
    • No data is to be transmitted outside of the VPN
  • Ensure that all Domain GPOs are trimmed and that one for remote workers is set up to direct the End-User Device (EUD) to the internal update and SCCM servers
    • This will ensure that DNS issues can be picked up
    • Creates a central GPO that can be quickly edited and audited to resolve any issues
  • Ensure the software firewall is enabled
    • This is a last line of defence but one that should be incorporated
    • Ensure this drops pings so that the EUD is almost invisible to the network
  • Ensure the AV server can push the latest DATs and other updates to the EUDs
    • This is going to require good management of the AV server
  • Use GPOs to stop the EUDs being file servers
    • This ensures that the risk of being infected with an IMRAT is lessened
    • Adds to the stealth protections of the EUD
  • Enable a GPO so that devices do not search for and connect to public or insecure hotspots
    • This takes out the human factor and would require a conscious action
  • Provide all remote workers with privacy screens to protect them from passive “shoulder surfing”
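One way to audit the no-split-tunnel recommendation is to replay a device's route table and see which destinations would leave outside the VPN. This is an added example, not part of the original article; the interface names `vpn0` and `wlan0`, the addresses and both route tables are constructed assumptions.

```python
import ipaddress

# Constructed route tables: (destination CIDR, interface, metric).
ROUTES_SPLIT = [                      # split tunnel: only corporate ranges use the VPN
    ("0.0.0.0/0", "wlan0", 50),
    ("10.0.0.0/8", "vpn0", 5),
    ("192.168.1.0/24", "wlan0", 50),  # the hotspot's local subnet
    ("203.0.113.10/32", "wlan0", 50), # host route to the VPN gateway
]
ROUTES_FULL = [                       # full tunnel: default route moved onto the VPN
    ("0.0.0.0/0", "vpn0", 5),
    ("0.0.0.0/0", "wlan0", 50),
    ("192.168.1.0/24", "wlan0", 50),
    ("203.0.113.10/32", "wlan0", 50),
]
VPN_GATEWAY = "203.0.113.10"
# Internet host, corporate server, another device on the hotspot, the VPN gateway.
PROBES = ["198.51.100.7", "10.1.2.3", "192.168.1.20", VPN_GATEWAY]


def egress_interface(routes, dest):
    """Select a route as an OS does: longest prefix first, then lowest metric."""
    ip = ipaddress.ip_address(dest)
    matches = []
    for cidr, ifname, metric in routes:
        net = ipaddress.ip_network(cidr)
        if ip in net:
            matches.append((net.prefixlen, -metric, ifname))
    return max(matches)[2] if matches else None


def vpn_bypasses(routes, vpn_if, vpn_gateway, probes):
    """Return the probe destinations whose traffic would leave outside the VPN."""
    leaks = []
    for dest in probes:
        if dest == vpn_gateway:
            continue  # the tunnel's own outer packets must use the physical link
        if egress_interface(routes, dest) != vpn_if:
            leaks.append(dest)
    return leaks


if __name__ == "__main__":
    print("split:", vpn_bypasses(ROUTES_SPLIT, "vpn0", VPN_GATEWAY, PROBES))
    print("full: ", vpn_bypasses(ROUTES_FULL, "vpn0", VPN_GATEWAY, PROBES))
```

Even the full-tunnel table still reaches the hotspot's own subnet directly, because the on-link route is more specific than the VPN default route. This is why the firewall rule blocking all traffic not sent over the VPN is needed alongside the routing change.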

With the above, it is also good practice to educate remote working team members about the dangers, not only to the IT infrastructure but to themselves, to ensure that they are always conscious of their surroundings and of what they are doing, and to have them decide whether the work they are doing really needs to be performed in a public place.

Conclusion

In 2014 experts from Kaspersky Lab uncovered a very sophisticated hacking campaign called “Dark Hotel.” Operating for more than seven years and believed to be a sophisticated economic espionage campaign by an unknown country, Dark Hotel targeted CEOs, government agencies, U.S. executives, NGOs, and other high-value targets while they were in Asia. When executives connected to their luxury hotel’s Wi-Fi network and downloaded what they believed were regular software updates, their devices were infected with malware. This malware could sit inactive and undetected for several months before being remotely accessed to obtain sensitive information on the device.

What is the best way to protect yourself against these kinds of Wi-Fi threats? Although antivirus protection and firewalls are essential methods of cyber defence, they are useless against hackers on unsecured Wi-Fi networks. The best defence against this is to not risk using something that is inherently insecure in the first place, especially where your IT Team does not have control over what is on and goes in and out of the network to protect its team members and its business interests.
