» ISP News » 

Three UK Politicians Hacked After Using Public Wi-Fi Hotspots

Posted Thursday, July 9th, 2015 (9:21 am) by Mark Jackson (Score 1,230)
wifi uk internet security

Security firms F-Secure and Mandalorian Security Services have teamed up to show how risky public WiFi hotspots can be, which they did by hacking into the Internet surfing activities of three politicians (David Davis MP, Mary Honeyball MEP and Lord Strasburger) while they were connected in London.

Now before anybody shouts.. “Hay, that’s illegal!“, it should be stressed that the hacking was done with the full permission of all three politicians. Never the less all three admitted that they make regular use of public WiFi and have received no formal training or information about the relative ease with which computers can be breached while on such networks.

The stage was set and so the ethical hackers dutifully went about their business by breaking into and manipulating emails, as well as manipulating and extracting financial and social networking details. Here’s a summary of some of the things they did.

Highlights from the Public Wi-Fi Hacking

* The hackers drafted an email and left it in David Davis’s drafts folder, which was destined for the national press and comically announcing his defection to UKIP.

* David Davis’s PayPal account was compromised, as it used the same username and password as his Gmail – a common habit.

* In the case of Lord Strasburger, a Voice over IP (VoIP) call he made from a hotel room was intercepted and recorded using technology freely available on the Internet, and relatively easy to master.

* Mary Honeyball MEP, who ironically sits on the EU committee responsible for the “We Love Wi-Fi” campaign, was browsing the Internet in a café when the ethical hacker sent her a message seemingly from Facebook which invited her to log back into her account, as it had timed out. This was how she unwittingly gave her login credentials to the hacker, who then accessed her Facebook account. Honeyball was using a tablet that had been issued to her only days before by the European Parliament’s technology officers.

Suffice to say that all of the politicians were surprised by the fact that simply setting a password isn’t always enough, with Mary Honeyball saying, “I think something should be done because we all think that passwords make the whole thing secure.”

In fact anybody with some proper IT knowledge will already know that hackers can often get around passwords (i.e. there can be other ways of breaking into networks, particularly open public WiFi) and this perhaps also demonstrates the general lack of basic IT understanding that some politicians have.

Steve Lord, Director at Mandalorian, said:

The average person will think that a hacker knowing which sports team I follow is a pretty useless piece of information. But once he knows that, he can craft a phishing email specifically for you and your likes, knowing that you will be more likely to open it.

Once you click on a link within that email or open an attachment, they have you – they will load malware onto your devices and then you will end up giving away all of your information. Not only that, but your company information too, if you use your devices to access the company network.”

Sean Sullivan, Security Advisor at F-Secure, added:

People shouldn’t be afraid to use public Wi-Fi – it’s a fantastic service. But they must understand that there are risks and it is their responsibility to protect themselves. This is simply done using a piece of software called a Virtual Private Network (or VPN). For phones and tablets, these are available as an app.

Our Freedome VPN will encrypt all data travelling from the device to the network, meaning that the hacker will steal nothing of use. Simply turning it on gives you the best protection you can possibly have to stay safe over public Wi-Fi, so you can focus on what you’re doing instead of worrying about staying safe.”

It’s worth pointing out of course that a VPN might help to provide some protection, but this doesn’t mean to say that an advanced hacker won’t still be able to use the WiFi network in order to access your computer. Ultimately it’s safest to simply avoid public WiFi, particularly open networks that don’t ask for a password.

Another common trick in the hacking toolkit is to simply setup a fake SSID (network name) that mirrors a legitimate hotspot, such as for example calling it “McDonalds Official Wi-Fi” (i.e. tricking some end-users into connecting to the wrong network). Never underestimate the power of simple social engineering attacks.

But if you do wish to use public WiFi then try to avoid open hotspots unless necessary and always make use of a trusted VPN provider as that’s one of the safest ways to keep your activity secure and private.

Delicious
Add to Diigo
Leave a Comment
4 Responses
  1. DanielM

    “Our Freedome VPN will encrypt all data travelling from the device to the network, meaning that the hacker will steal nothing of use”

    Should also say that it blocks almost everything too!

  2. Kamil

    PureVPN is the king of VPN services with more than 450 servers in 101 countries and 256-bit military-grade encryption. If these hackers had PureVPN software on their phone, no one would’ve been able to hack into them. Too bad not many people realize the benefits of VPN services.

  3. John1984

    People should use a serious VPN provider,
    I use ActiVPN which is a faster, cheapper and secure VPN.

IMPORTANT: Javascript must be enabled to post (most browsers do this automatically). On mobile devices you may need to load the page in 'Desktop' mode to comment.


Comments RSS Feed

* Your comment might NOT appear immediately (the site cache re-syncs periodically) *
* Comments that break our rules, spam, troll or post via fake IP/proxy servers may be blocked *
Promotion
Cheapest Superfast ISPs
  • Sky Broadband £20.00 (*28.99)
    Up to 38Mbps, 25GB
    Gift: None
  • Origin Broadband £23.89 (*31.58)
    Up to 38Mbps, Unlimited
    Gift: None
  • Vodafone £25.00
    Up to 38Mbps, Unlimited
    Gift: None
  • Hyperoptic £26.00 (*35.00)
    Up to 100Mbps, Unlimited
    Gift: None
  • bOnline £26.28 (*40.68)
    Up to 40Mbps, Unlimited
    Gift: None
Prices inc. Line Rental | View All
Poll
*Javascript must be ON to vote*
The Top 20 Category Tags
  1. BT (1801)
  2. Broadband Delivery UK (1270)
  3. FTTC (1145)
  4. FTTP (1130)
  5. Politics (902)
  6. Openreach (858)
  7. Business (790)
  8. Fibre Optic (721)
  9. Statistics (715)
  10. Mobile Broadband (662)
  11. Wireless Internet (599)
  12. Ofcom Regulation (573)
  13. 4G (538)
  14. Virgin Media (520)
  15. FTTH (460)
  16. Sky Broadband (425)
  17. TalkTalk (399)
  18. EE (350)
  19. Security (293)
  20. 3G (255)
New Forum Topics
Helpful ISP Guides and Tips
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
Promotion

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms  ,  Privacy and Cookie Policy  ,  Links  ,  Website Rules