Dear Travelers, Beware of the Free Wi-Fi Trap!
Fri, 01 Mar 2019 || By Rachmadita K

The world is moving more than ever. The World Tourism Organization reported an estimate that by 2030 there will be 2 billion international trips by a global population of 8.5 billion[1].

Figure 1. The increasing trend of international travel: the number of international tourist arrivals and total tourism exports[2].

The development of technology is changing the way we travel and how we define transportation and mobility options. We are not only travelling faster than before but also enjoying better-quality, more comfortable accommodation, along with helpful tools and mobile apps that make travelling easy. Technology has forever changed the way billions travel, whether for pleasure or business.

The Internet, along with digital technologies and innovations in smartphones, AI, digital payment, social media and so on, has affected every aspect of how we travel. They have made travelling more environmentally friendly and less time-consuming. They have even helped us overcome language barriers through translation apps that let us use our smartphone’s camera to translate signs or menus in real time.

Figure 2. Travellers' modes of transportation and purpose of visit.

 

Airport Transit Can be That Dangerous

Wi-Fi is a prominent element of our travels, especially the networks available at public facilities. It is hard to avoid connecting to airport Wi-Fi, especially during the hours of an international flight transit, when our SIM card no longer works and roaming is far too expensive.

Free airport Wi-Fi is an attractive and sometimes seemingly crucial service for travellers, but shaky security leaves some airport networks vulnerable to attacks that could put users in danger. As stated by Dror Liwer (Chief Security Officer and co-founder of Coronet), the main reason airports are precarious is that users choose convenience over security. Users must consider safety first because this is a real threat, not a theoretical danger[3].

Because of the insufficient security of public Wi-Fi, hackers can easily access personal data that is retrievable when logged onto the server[4]. The threats facing users include identity theft, installation of malware on a laptop or mobile device, and theft of emails or other stored data.

The cyber-security firm Coronet recently released a list of the top 10 airports in the U.S. where passengers are most likely to be hacked. Coronet studied data from 45 of the busiest airports over five months and generated a threat index score based on device vulnerability and Wi-Fi network risks[5].

Figure 3. The top 10 most vulnerable airports for cybersecurity

The world’s busiest airport, Hartsfield-Jackson Atlanta International Airport, once shut off its Wi-Fi service when an active ransomware attack took place in the city. The airport authorities shut it off because they understood that Wi-Fi is an easy way for attackers to spread malicious files using straightforward, well-automated attack tools that perform man-in-the-middle (MiTM) attacks. The attacker could easily have spread ransomware to airport authority computers connected to the Atlanta airport Wi-Fi, so they pulled the plug to avoid the threat[6].

Fake Wi-Fi as the Man-in-The-Middle

A Man-in-the-Middle (MiTM) attack is defined as an attack in which the intruder can read and write messages communicated between two parties without either party being aware of it. The attack appears in many shapes and forms, and the sophistication of these forms has evolved with the evolution of modern computing systems[7]. A MiTM attack requires three players: the victim, the entity the victim is communicating with, and the MiTM who intercepts the victim's communications.

In a MiTM attack, a hacker sets up a rogue Wi-Fi network that looks identical to the network you are on. Once you mistakenly connect to it, the hacker can see every password you enter, every email you send, and your photos and documents, all without you knowing. The data is actually being decrypted and then re-encrypted again.

Beyond reading your data, the MiTM can also send a file and take remote control of your phone, including activating the recorder to record your voice and activating the camera to take photos or videos, all without your knowledge. The worst consequence is that anyone could easily impersonate you, know whom you are dealing with, and learn information about your friends[8].

 

Figure 4. Man-in-the-Middle Attack Scheme[9]

Personal Data is valuable in Dark-Web’s Black Market

Technological evolution often comes with side effects. Today's web does not only advance a booming Web industry, but it also provides new opportunities to criminals who are rapidly industrializing their dark business over the Web.

Today, if you unfortunately click a malicious URL, chances are that those who victimize you are no longer individual small-time crooks but an underground syndicate: some luring you to visit malicious websites through various channels (spam, tweets, malicious advertising, etc.), some buying and selling your traffic through redirection, and the receiving ends of the traffic performing different exploits (drive-by downloads, scams, phishing, etc.) on your system on behalf of their customers[10].

Thousands of pieces of data are stolen every day on the dark web. No matter how strong your data protection is, criminals are always looking for a way to get at it. An investigation by Joshua Lim on the Channel News Asia show “Why It Matters 2: Ep 9: Losing Yourself” found that hackers make money by stealing our data: email accounts, identity cards, passports, and credit card information are the most targeted data[11].

Against the Man-in-The-Middle Attack

As with any technology, attackers keep improving, frequently inventing new techniques to steal our data, while white hat hackers invent ways to fight them. Most of the effective defences against MiTM are implemented on the router or server side. As users, we do not actually have any dedicated control over the security of our transactions. Instead, strong encryption between the client and the server can be the solution. In this area, a patent by Brian Hernacki and William E. Sobel proposes an alternative way to counter MiTM, based on security transitions. The invention pertains in general to computer security and in particular to detection of MiTM attacks by analysis of changes in security levels during transitions between network resources[12].

Another method to prevent such MiTM attacks is to never connect to open Wi-Fi routers directly. Th[13][14], and another security product as provided by Norton, Kaspersky, etc[15]. You can also take these preventive steps: (1) check the web URL; (2) be wary of potential phishing emails from attackers asking you to update your password or log in; (3) install a VPN as a precaution before connecting to public Wi-Fi routers; and (4) install a comprehensive internet security solution.
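
The idea of watching for drops in security level between successive network resources, together with the advice to check the web URL, can be sketched in a few lines. This is an added example, not code from the patent or from any tool cited here; the TransitionMonitor class, the alert names and the URLs in the trace are constructed for illustration.

```python
from urllib.parse import urlsplit

class TransitionMonitor:
    """Tracks the security level of successive requests and flags drops."""

    def __init__(self):
        self.https_hosts = set()   # hosts already reached over TLS
        self.prev = None           # (scheme, host) of the previous request

    def observe(self, url):
        """Record one visited URL; return a list of alert strings for it."""
        parts = urlsplit(url)
        scheme, host = parts.scheme.lower(), (parts.hostname or "").lower()
        alerts = []
        if scheme == "https":
            self.https_hosts.add(host)
        elif scheme == "http":
            # A host that spoke TLS before now answers in plaintext.
            if host in self.https_hosts:
                alerts.append("known-https-host-over-http")
            # The session just moved from an encrypted hop to a plaintext one.
            if self.prev and self.prev[0] == "https":
                alerts.append("https-to-http-transition")
        else:
            alerts.append("unexpected-scheme")
        self.prev = (scheme, host)
        return alerts

def audit(urls):
    """Run a whole browsing trace through one monitor; return {index: alerts}."""
    mon = TransitionMonitor()
    report = {}
    for i, url in enumerate(urls):
        alerts = mon.observe(url)
        if alerts:
            report[i] = alerts
    return report

# Constructed trace: the first two requests are made on a trusted network,
# the remaining ones after joining an open Wi-Fi network.
TRACE = [
    "https://bank.example/",
    "https://bank.example/login",
    "http://bank.example/login",
    "http://news.example/",
    "https://mail.example/inbox",
    "http://cdn.example/logo.png",
]

if __name__ == "__main__":
    for idx, alerts in audit(TRACE).items():
        print(TRACE[idx], alerts)
```

The login page that was previously served over HTTPS and now arrives over HTTP raises both alerts, which is the pattern a user checking the address bar should treat as a reason to stop.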

Editor: Anisa Pratita Mantovani


 


[1] Highlights, T. (2015). World Tourism Organization. Gauta. [online]. Available at: http://www.e-unwto.org/doi/pdf/10.18111/9789284416899. [Accessed on 4 Feb 2019]

[2] UNWTO. (2017). UNWTO Tourism Highlights–2017 Edition. [online]. Available at: http://people.unica.it/carlamassidda/files/2017/06/UNWTO_Tourism-Highlights_2017.pdf [Accessed on 4 Feb 2019]

[3] Robert Curley. (22 July 2018). Think twice about logging onto free wifi in these airports [online]. Available at: https://www.businesstraveller.com/business-travel/2018/07/22/think-twice-about-logging-onto-free-wifi-in-these-airports/ [Accessed on 4 Feb 2019]

[4] [Article on Internationalairportreview.com] Free Wi-Fi in airports is the prime location for hackers according to Coronet. [online]. Available at: https://www.internationalairportreview.com/news/72557/free-wi-fi-in-airports-hackers/ [Accessed on 5 Feb 2019]

[5] Coronet Report. (2017). Attention All Passengers: Airport Networks Are Putting Your Devices & Cloud Apps at Severe Risk. [online]. Available at: https://www.coro.net/wp-content/uploads/2018/08/Coronet_Cyber-Insecure-Airports.pdf. [Accessed on 5 February 2019].

[6] Ryan, Orsi. (2018). “The World’s Busiest Airport Shuts off Wi-Fi Amid a Ransomware Attack”. [online]. Available at: https://www.secplicity.org/2018/03/23/the-worlds-busiest-airport-shuts-off-wi-fi-amid-a-ransomware-attack/ [Accessed on 5 Feb 2019].

[7] Aziz, B., & Hamilton, G. (2009). Detecting man-in-the-middle attacks by precise timing. In Emerging Security Information, Systems and Technologies, 2009. SECURWARE'09. Third International Conference on (pp. 81-86). Available at: https://ieeexplore.ieee.org/iel5/5210973/5210974/05211025.pdf [Accessed on 6 Feb 2019]

[8] CNA Insider YouTube Channel. “Free WiFi Trap: How Hackers Use it to Steal Into Your Info | Why It Matters | CNA Insider”. Published on Jan 15, 2019. [online]. Available at: https://www.youtube.com/watch?v=wbmeNJfvMKU [Accessed on 4 Feb 2019]

[9] Digital Guide. (2019). “Man-in-the-middle attack: attack patterns and countermeasures”. [online]. Available at: https://www.ionos.ca/digitalguide/server/security/man-in-the-middle-attack-an-overview-of-attack-patterns/ [Accessed on 5 Feb 2019].

[10] Li, Z., Alrwais, S., Xie, Y., Yu, F., & Wang, X. (2013). Finding the linchpins of the dark web: a study on topologically dedicated hosts on malicious web infrastructures. In Security and Privacy (SP), 2013 IEEE Symposium on (pp. 112-126). IEEE. Available at: http://www.ieee-security.org/TC/SP2013/papers/4977a112.pdf [Accessed on 7 Feb 2019]

[11] Channel News Asia. Why It Matters 2: Ep 9: Losing Yourself. An Investigation on Cyber Threats hosted by Joshua Lim. See minute 34. [online]. Available at: https://www.channelnewsasia.com/news/video-on-demand/why-it-matters/losing-yourself-11075194. [Accessed on 4 Feb 2019].

[12] Hernacki, B., & Sobel, W. E. (2013). U.S. Patent No. 8,561,181. Washington, DC: U.S. Patent and Trademark Office. [online]. Available at: https://patents.google.com/patent/US8561181B1/en [Accessed on 8 Feb 2019]

[13] HTTPS Everywhere is a Firefox, Chrome, and Opera extension that encrypts your communications with many major websites, making your browsing more secure. [online]. Available at: https://www.eff.org/https-everywhere [Accessed on 9 Feb 2019]

[14] ForceTLS is an adaptation of the ForceHTTPS protocol by Collin Jackson and Adam Barth, which supports a simple HTTP header in forcing automatic connections to HTTPS connections in the future. This helps prevent cookie theft and other man-in-the-middle attacks when you're using an insecure network. [online]. Available at: http://sidstamm.com/forcetls/ [Accessed on 9 Feb 2019]

[15] Tanmay Patange. (10 Oct 13). How to defend yourself against MITM or Man-in-the-middle Attack. [online]. Available at: https://hackerspace.kinja.com/how-to-defend-yourself-against-mitm-or-man-in-the-middl-1461796382 [Accessed on 9 Feb 2019]