We are known by the technology we keep...
I am surrounded by technology enthusiasts at F5 Networks – if I chanced on any workplace discussion, more often than not I would hear Apps…Smarter…Faster…Safer.
In such company, I sometimes get skeptical looks when mentioning how trained and seasoned eyes can still fall prey to malware. Challenge accepted – devise a plan to prove that our desire to remain connected at all times with a dumb smart device makes us easy prey.
Plan of action
Use the oldest trick in the book, attack when the opponent is most vulnerable. In today’s context that job is easily done by taking away one’s internet access. When travelling is an integral part of your job, you realize you hit this vulnerable position much more often than desired.
So I picked up a target and a colleague to help, a little bit of recce revealed that we were going to be in an airport where there was no internet (free or otherwise).
Taking a cue from Sun Tzu’s art of war, we reached the battlefield ahead of time and had it ready – unhindered FREE WiFi.
Fortunately, the target walks right into the trap along with few strangers. Connected to the FREE WiFi, accepting terms and conditions, installing a program for priceless internet.
So I made a point for the day to analyze some of the other options. Free WiFi is everywhere, at the mall, at the restaurant etc. But a really fertile ground to harness confidential credentials would be the airplane itself. Here is what I came up with as an attack vector:
WiFi On Board
Many airlines provide WiFi onboard for media (movies/songs etc.) and internet. This usually requires two simple and steps (the experience may differ on different airlines)
Step 1: Connect for Free WiFi
Step 2: Install an application to stream movies, etc.
Step 3: (Optional) Pay and purchase premium content
All this hack needs is a person with malicious intent and a laptop and few software to cause some damage. So putting myself in a hoodie, I designed the attack path.
- Setup a WiFi Access point, with name that will attract people (AIRLINENAME_MEMBERSHIP_BETA_FREE_INTERNET). The name would blend in with other WiFi access points provided by airlines.
- The access point will require the user to authenticate with their Frequent flyer membership details.
- To make the attack more effective, the access point can ask the user to install a software. With this attack vector, users can be easily phished to side load a malware on Android devices.
- Show error message the BETA High Speed WiFi Access Point has reached its limit of number of users, kindly try the other Access Point.
Catch of the day: Frequent flyer credentials, credit card numbers, and potentially compromised endpoints to fuel the bot economy
Moral of the story
That tweet that you want to make or the incredible selfie you need to instagram or the important work email you want to send, all of it can wait. Evaluate the free WiFi access point you are planning to connect to.
Think before you provide any kind of credentials, cyber criminals are not only after your financial credentials. Remember your frequent flyer miles can be converted to Amazon credits.
Remember to keep your guard up; do not install a software bypassing standard practice. Side loading an app puts you at a lot of risk.
About the Author
Related Blog Posts
F5 accelerates and secures AI inference at scale with NVIDIA Cloud Partner reference architecture
F5’s inclusion within the NVIDIA Cloud Partner (NCP) reference architecture enables secure, high-performance AI infrastructure that scales efficiently to support advanced AI workloads.
F5 Silverline Mitigates Record-Breaking DDoS Attacks
Malicious attacks are increasing in scale and complexity, threatening to overwhelm and breach the internal resources of businesses globally. Often, these attacks combine high-volume traffic with stealthy, low-and-slow, application-targeted attack techniques, powered by either automated botnets or human-driven tools.
F5 Silverline: Our Data Centers are your Data Centers
Customers count on F5 Silverline Managed Security Services to secure their digital assets, and in order for us to deliver a highly dependable service at global scale we host our infrastructure in the most reliable and well-connected locations in the world. And when F5 needs reliable and well-connected locations, we turn to Equinix, a leading provider of digital infrastructure.
Volterra and the Power of the Distributed Cloud (Video)
How can organizations fully harness the power of multi-cloud and edge computing? VPs Mark Weiner and James Feger join the DevCentral team for a video discussion on how F5 and Volterra can help.
Phishing Attacks Soar 220% During COVID-19 Peak as Cybercriminal Opportunism Intensifies
David Warburton, author of the F5 Labs 2020 Phishing and Fraud Report, describes how fraudsters are adapting to the pandemic and maps out the trends ahead in this video, with summary comments.
The Internet of (Increasingly Scary) Things
There is a lot of FUD (Fear, Uncertainty, and Doubt) that gets attached to any emerging technology trend, particularly when it involves vast legions of consumers eager to participate. And while it’s easy enough to shrug off the paranoia that bots...