» ISP News » 
Sponsored Links

Three UK Politicians Hacked After Using Public Wi-Fi Hotspots

Thursday, Jul 9th, 2015 (9:21 am) - Score 1,391

Security firms F-Secure and Mandalorian Security Services have teamed up to show how risky public WiFi hotspots can be, which they did by hacking into the Internet surfing activities of three politicians (David Davis MP, Mary Honeyball MEP and Lord Strasburger) while they were connected in London.

Now before anybody shouts.. “Hay, that’s illegal!“, it should be stressed that the hacking was done with the full permission of all three politicians. Never the less all three admitted that they make regular use of public WiFi and have received no formal training or information about the relative ease with which computers can be breached while on such networks.

The stage was set and so the ethical hackers dutifully went about their business by breaking into and manipulating emails, as well as manipulating and extracting financial and social networking details. Here’s a summary of some of the things they did.

Highlights from the Public Wi-Fi Hacking

* The hackers drafted an email and left it in David Davis’s drafts folder, which was destined for the national press and comically announcing his defection to UKIP.

* David Davis’s PayPal account was compromised, as it used the same username and password as his Gmail – a common habit.

* In the case of Lord Strasburger, a Voice over IP (VoIP) call he made from a hotel room was intercepted and recorded using technology freely available on the Internet, and relatively easy to master.

* Mary Honeyball MEP, who ironically sits on the EU committee responsible for the “We Love Wi-Fi” campaign, was browsing the Internet in a café when the ethical hacker sent her a message seemingly from Facebook which invited her to log back into her account, as it had timed out. This was how she unwittingly gave her login credentials to the hacker, who then accessed her Facebook account. Honeyball was using a tablet that had been issued to her only days before by the European Parliament’s technology officers.

Suffice to say that all of the politicians were surprised by the fact that simply setting a password isn’t always enough, with Mary Honeyball saying, “I think something should be done because we all think that passwords make the whole thing secure.”

In fact anybody with some proper IT knowledge will already know that hackers can often get around passwords (i.e. there can be other ways of breaking into networks, particularly open public WiFi) and this perhaps also demonstrates the general lack of basic IT understanding that some politicians have.

Steve Lord, Director at Mandalorian, said:

The average person will think that a hacker knowing which sports team I follow is a pretty useless piece of information. But once he knows that, he can craft a phishing email specifically for you and your likes, knowing that you will be more likely to open it.

Once you click on a link within that email or open an attachment, they have you – they will load malware onto your devices and then you will end up giving away all of your information. Not only that, but your company information too, if you use your devices to access the company network.”

Sean Sullivan, Security Advisor at F-Secure, added:

People shouldn’t be afraid to use public Wi-Fi – it’s a fantastic service. But they must understand that there are risks and it is their responsibility to protect themselves. This is simply done using a piece of software called a Virtual Private Network (or VPN). For phones and tablets, these are available as an app.

Our Freedome VPN will encrypt all data travelling from the device to the network, meaning that the hacker will steal nothing of use. Simply turning it on gives you the best protection you can possibly have to stay safe over public Wi-Fi, so you can focus on what you’re doing instead of worrying about staying safe.”

It’s worth pointing out of course that a VPN might help to provide some protection, but this doesn’t mean to say that an advanced hacker won’t still be able to use the WiFi network in order to access your computer. Ultimately it’s safest to simply avoid public WiFi, particularly open networks that don’t ask for a password.

Another common trick in the hacking toolkit is to simply setup a fake SSID (network name) that mirrors a legitimate hotspot, such as for example calling it “McDonalds Official Wi-Fi” (i.e. tricking some end-users into connecting to the wrong network). Never underestimate the power of simple social engineering attacks.

But if you do wish to use public WiFi then try to avoid open hotspots unless necessary and always make use of a trusted VPN provider as that’s one of the safest ways to keep your activity secure and private.

By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on X (Twitter), Mastodon, Facebook and .
Search ISP News
Search ISP Listings
Search ISP Reviews

Comments are closed

Cheap BIG ISPs for 100Mbps+
Community Fibre UK ISP Logo
Gift: None
Virgin Media UK ISP Logo
Virgin Media £26.00
Gift: None
Shell Energy UK ISP Logo
Shell Energy £26.99
Gift: None
Plusnet UK ISP Logo
Plusnet £27.99
Gift: None
Zen Internet UK ISP Logo
Zen Internet £28.00 - 35.00
Gift: None
Large Availability | View All
New Forum Topics
Cheapest ISPs for 100Mbps+
Gigaclear UK ISP Logo
Gigaclear £17.00
Gift: None
Community Fibre UK ISP Logo
Gift: None
YouFibre UK ISP Logo
YouFibre £19.99
Gift: None
BeFibre UK ISP Logo
BeFibre £21.00
Gift: £25 Love2Shop Card
Hey! Broadband UK ISP Logo
Gift: None
Large Availability | View All
The Top 15 Category Tags
  1. FTTP (5582)
  2. BT (3533)
  3. Politics (2554)
  4. Openreach (2312)
  5. Business (2284)
  6. Building Digital UK (2253)
  7. FTTC (2050)
  8. Mobile Broadband (1991)
  9. Statistics (1800)
  10. 4G (1681)
  11. Virgin Media (1640)
  12. Ofcom Regulation (1473)
  13. Fibre Optic (1406)
  14. Wireless Internet (1401)
  15. FTTH (1382)

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact