30 April 2018

L33t security people are as stupid as the rest of us, it seems.

The RSA Conference 2018 happened in San Francisco. It’s where the l33test security people from all round meet up and chat about cybersecurity. And cat gifs.

Wireless threats were the hot topic this year. Now, you and I both know that we’ve all been guilty of connecting to the odd unsecured public Wi-Fi from time to time. In a coffee shop, a hotel, a trade show, whatever. More than ever, it’s important that we help educate people about the risks involved in using Wi-Fi like this.

To illustrate how security around public Wi-Fi is usually not even a thought, helpnetsecurity.com set up a honeypot at the security conference offering free interwebs to the alleged security experts attending the show. Of the 16,000 attendees, a massive 30% connected to the honeypot, kindly sending info about their phones, tablets, laptops and even watches: the make, model and IP address. With that info, it would take less than two minutes to pwn them using a Man In The Middle attack. A Naughty Person could have snaffled credentials, credit card data and more.

The important takeaway from this is that it’s painfully easy to hack Wi-Fi, and just as easy to fool both newbs and supposed l33t ha><><0rs. So, what can you do about it?

Don’t use public Wi-Fi.

You’ve got 4G. Use it.

If unsecured, Wi-Fi is almost certainly one of the biggest risks to internal company security. Lock that stuff down, brah. It’s not hard.

