Researchers are discovering that free WiFi networks are so easy to breach that anyone using one is leaving their computer and other electronic devices open to hacking.
A recent experiment at an international airport in Bengaluru, India, found that wireless devices were easily hacked over the airport’s free WiFi network. The researcher was able to gain access to passwords, aps, and even credit card and banking information with ease.
The researcher, Shubho Halder, chief scientist at mobile security firm Appknox, said that he found easily exploitable security holes in software made by Apple, Google, and Microsoft, all quickly breached using the airport’s free WiFi.
Halder also noted that when hacking email accounts, he was able to gain access to corporate information, not to mention corporate financial information.
“While these airports use a lot of security tools, they usually do not track what the users are doing with the WiFi connection which lets hackers use fake WiFi hotspots to gather tons of information from unsuspecting victims,” Halder said.
Halder was also able to use a device that created fake WiFi hotspots that fooled travelers into thinking they had accessed the airport’s network.
This security issue isn’t just a problem at an airport in India. In fact, hackers and thieves are taking advantage of free WiFi services all across the world to steal information and hack into unsuspecting victims’s bank accounts.
Worse, these hackers are not just grabbing random user information but, in some cases, targeting businessmen in order to steal corporate information and secrets.
These fake hotspots are also difficult to identify as a trap set by hackers. Pravin Srinivasan advises users of public WiFi “not to use any WiFi hotspot that doesn’t ask for SMS verification.”
Another expert agrees: “Public Wi-Fi is inherently unsecure. Anyone using it ought to do so with the premise that everything you do is visible to a third-party stranger with access to that hot spot,” said cybercrime expert Kevin Clark. “The chances of you being hacked far exceeds the chances of your home being burglarized. This is a big business.”
One of the most important pieces of advice Clark offered was to change your password often, to make your password filled with random numbers and letters, and make it the longest password your program will allow.
Follow Warner Todd Huston on Twitter @warnerthuston, or email the author at firstname.lastname@example.org.