Cybersecurity news coming out of Australia has now set many people wondering if the supposedly secure arena of tested airport public WiFi networks are truly the ones you think you are using.
An Australian man has been captured and charged with operating a fake Wi-Fi access point during a domestic flight that was designed to steal user credentials and data. The 42-year-old male established multiple fake Wi-Fi points that mimicked legitimate networks to collect personal data from all unsuspecting users who connected to them, believing them to be secure and protected networks.
The suspect was charged after the Australian Federal Police (AFP) launched an investigation after an airline employee alerted officials of a suspicious Wi-Fi network during a domestic flight. A search of the suspect’s baggage led to the seizure of a portable wireless device, a laptop, and a mobile phone, and a following warrant was issued to search his domestic property.
Evil Twin Attack
The attack, known as an evil twin Wi-Fi attack, was staged across multiple locations, including domestic flights and airports in Perth, Adelaide, and Melbourne, fully impersonating legitimate Wi-Fi networks. Once an unsuspecting user is connected to the free service, they are prompted to enter their email address or social media credentials through a creative cybersecurity portal entry page.
The collected email and password details could then be used to access more personal information, such as online communication tools, stored images and videos, and bank details.
The defendant has since been charged with three counts of unauthorized impairment of electronic communication and three counts of possession of control of data with intent to commit an offense. Charges also spread to one count of unauthorized access or modification of restricted data, one count of dishonesty obtaining or dealing in personal financial information, and one count of identification information possession. With all charges, the man faces 23 years in prison.
How do you know if the Wi-Fi networks you use at an airport are safe?
How do you know if the Wi-Fi networks you use at an airport are safe? First, as the biggest cybersecurity companies will tell you, if you want to connect to a free Wi-Fi network, you should not even have to enter personal details – such as logging in through an email address or social media account.
Any requests to log in through these channels should be treated with scrutiny and looked into further, even asking an official or store owner if they are legitimate. If you wish to use any public Wi-Fi hotspots, you should do so through a reputable virtual private network (VPN) installed on your device that encrypts and secures your data whenever you use the internet. It is cybersecurity essential for traveling.
Legitimacy Check
Outlets such as Starbucks, Mcdonald’s, and other stores within airports provide free Wi-Fi networks for travellers to access while they wait for flights, but you should also check on the legitimacy of any of them before joining them. A fake access portal can be developed by hackers that can easily fool most people as secure cybersecurity applications.
With this new development in cybersecurity awareness, people need to be more cautious about previously trusted networks and how they connect to seemingly safe Wi-Fi networks when they travel and understand the importance of VPN use. If you would like to know more about cybersecurity for beginners, there are cybersecurity events in the UK that feature guest experts in the field of UK cybersecurity.