Free conference Wi-Fi abused for security attacks, darknet access

Public Wi-Fi at a two-day conference on school policy was used to launch five major security attacks, 48 critical security attacks, and nearly 100 attempts to access the dark web, according to new figures that highlight the ongoing risks of relying on public Wi-Fi networks.

The data was collected by The Somerville Group, which used Sophos tools to manage a secure Wi-Fi network at the Association of Independent Schools (AIS) national conference in May. The device was set to monitoring mode, which allowed traffic to pass through to conference delegates but watched and logged all activity.

Most of the 192 connected users conducted ‘typical’ activities, the company reported. But more than 165MB of data was transferred from dark-web locations during the two days of the conference, during which time an average of five intrusion attempts were made per connected device.

“Data from the device demonstrates that activity on an open network could put businesses and individuals at risk,” Sophos general manager ANZ Ashley Wearne said in a statement. “These statistics pose a potentially huge security risk to any organisation.”

Public Wi-FI networks have long been derided as a significant security risk, but users continue to use them with abandon – often transferring sensitive work data that could well be compromised through man-in-the-middle attacks.

Dealing with bad behaviour, poorly

Small businesses are particularly vulnerable, both because they may have less-sophisticated security tools and because their highly mobile workforces often tend to set up temporary offices in cafes and other places where public Wi-Fi is common.

In a recent survey of more than 600 small-business employees and 100 C-suite leaders, IT consultancy Switchfast Technologies found that fully two-thirds of employees reported connecting to public Wi-Fi to do their work, while 62 percent use their work computers to access personal social-media accounts.

Managers were less like to engage in both behaviours, with 44 percent accessing public Wi-Fi and a similar percentage accessing personal social-media accounts from work computers.

“What makes public Wi-Fi spots dangerous is anyone can hop on the same network and intercept traffic sent from an employee’s computer to a corporate server,” the analysis notes, recommending the use of virtual private networks (VPNs) be mandated for employees whenever they work outside of the office.

Interestingly, small-business leaders were more likely than employees (22 percent vs 19 percent) to share their password with a co-worker or assistant.

And 65 percent of small-business employees said they had never received a phishing test during their time in the job.

“Despite paying lip service to cybersecurity, the actions of small business employees and leaders reveal little is actually being done to address the negligence towards security,” the Switchfast report warns.

“Cybersecurity requires a combination of both managing external factors while correcting internal behaviorshellip; [but] companies will focus on one issue over the other, when both are needed to fully combat cyber risk.”

Companies can also take technological measures to heighten protection of Wi-Fi exposure by closely managing their remote-access users and applying extra authentication or other methods, such as network segmentation.

This last approach allows insertion of additional controls that can prevent a public Wi-Fi connection from becoming a conduit into the corporate network.

“Managers should open their minds to new security practices, learn how their networks operate and understand how segmentation can protect their organisation,” ForeScout senior director for Asia Pacific Japan Steve Hunter said in a recent statement.

“This type of digital transformation can help keep businesses afloat, even in the face of a significant cyberattack. Organisation that fail to embrace visibility and network segmentation will fall behind and open themselves up to increased risks of cyberattack, along with major financial and business implications.”

Copyright © 2018 IDG Communications, Inc.

The 10 most powerful cybersecurity companies