
Saturday, May 7, 2016

Why Hackers Love Public Wi-Fi

World Wi-Fi Day is a reminder of how easily people around the globe now connect with each other. Modernization has brought many changes around the world, and India is being integrated into this process quickly. Indians have come to know the value of the Internet: Wi-Fi is now installed in almost every house in metropolitan cities as well as in small towns. Free public Wi-Fi is widely and readily available in places like airports, restaurants, coffee shops and libraries.

We all chase free things, and a free internet connection is no exception. It can seem like the best way to access online accounts, catch up on work and check email. However, the security risks involved cannot be ignored: entering your information over such a connection can make you an easy target for hackers. Online crime takes many forms, and the Norton Cybersecurity Insights Report revealed that 77 percent of Indians would feel devastated if their personal financial information were compromised, and 52 percent have either personally experienced credit card fraud or know someone who has.

With public Wi-Fi available everywhere, what seems like a convenience can actually put you at great risk. Free public Wi-Fi is a hacker’s playground for stealing personal information. To avoid becoming a victim of cybercrime, we need to improve our knowledge of Wi-Fi.
Risks of public Wi-Fi and how to stay safe online
Man-in-the-Middle Attack

One of the many dangers of using a public Wi-Fi network is that data sent over this type of open connection is often unencrypted and unsecured, leaving you vulnerable to a man-in-the-middle (MITM) attack. What is an MITM attack? It’s when a cybercriminal exploits a security flaw in the network to intercept data. Essentially, this lets a hacker sniff out any information that passes between you and the websites you visit: details of browsing activities, account logins and purchase transactions. Your sensitive information, such as passwords and financial data, is then exposed to identity theft.

Rogue Hotspots

Another risk of using free public Wi-Fi is that you may be connecting via a rogue hotspot. This is an open hotspot, usually with a name similar to that of a legitimate hotspot, which cyber criminals set up to lure people into connecting to their network. Once a victim connects to the rogue Wi-Fi hotspot, the host hacker can then intercept data and even use tools to inject malware into the connected devices.

Better Wi-Fi Security Habits to Stay Safe from Cybercrime

Did you know that 66 percent of consumers in India think that using public Wi-Fi is riskier than using a public restroom? Yet, while the Norton Cybersecurity Insights Report revealed that people are aware of the risks of public Wi-Fi, the survey also showed that people are not practising safe security habits online.

How Norton helps you make it harder for cyber criminals to steal your information on public Wi-Fi:
- Avoid connecting to public Wi-Fi. If you must use a public Wi-Fi hotspot, also use a virtual private network (VPN) to secure your connection.
- Don’t log in to password-protected websites that contain sensitive information when using a public Wi-Fi connection (for example, banking and social networking sites, or even email).
- Keep your software patched and up to date on all your devices, even your mobile ones, to avoid any potential infections by viruses or malware if you do use unsecured public Wi-Fi.

One More Security Habit: Use a Virtual Private Network

A VPN creates a “secure tunnel” where data sent over a Wi-Fi connection is encrypted, making all that data sent to and from your device secure. Using a VPN is a safe Wi-Fi security habit that can protect you when connecting to the Internet on the go.

Thursday, August 29, 2013

Popular Surveillance Cameras Open to Hackers

In a world where security cameras are nearly as ubiquitous as light fixtures, someone is always watching you.
But the watcher might not always be who you think it is.
Three of the most popular brands of closed-circuit surveillance cameras are sold with remote internet access enabled by default, and with weak password security — a classic recipe for security failure that could allow hackers to remotely tap into the video feeds, according to new research.
The cameras, used by banks, retailers, hotels, hospitals and corporations, are often configured insecurely — thanks to these manufacturer default settings, according to researcher Justin Cacak, senior security engineer at Gotham Digital Science. As a result, he says, attackers can seize control of the systems to view live footage, archived footage or control the direction and zoom of cameras that are adjustable.
“You can essentially view these devices from anywhere in the world,” Cacak said, noting that he and his security team were able to remotely view footage showing security guards making rounds in facilities, “exceptionally interesting and explicit footage” from cameras placed in public elevators, as well as footage captured by one high-powered camera installed at a college campus, which had the ability to zoom directly into the windows of college dorm rooms.
Cacak and his team were able to view footage as part of penetration tests they conducted for clients to uncover security vulnerabilities in their networks. The team found more than 1,000 closed-circuit TV cameras that were exposed to the internet and thus susceptible to remote compromise, due to inherent vulnerabilities in the systems and to the tendency of the companies to configure them insecurely.
The inherent vulnerabilities, he said, can be found in at least three of the top makers of standalone CCTV systems that he and his researchers examined — MicroDigital, HIVISION, CTRing — as well as a substantial number of other companies that sell rebranded versions of the systems.
CCTV video surveillance systems are deployed at entrances and exits to facilities as well as in areas considered to be sensitive, such as bank vaults, server rooms, research and development labs and areas where expensive equipment is located. Typically, the cameras are easily spotted on ceilings and walls, but they can also be hidden to monitor employees and others without their knowledge.
Obtaining unauthorized access to such systems could allow thieves to case a facility before breaking into it, turn cameras away from areas they don’t want monitored or zoom in on sensitive papers or prototype products at a workstation. The cameras could also be used to spy on hospitals, restaurants and other facilities to identify celebrities and others who enter.
Remote access capability is a convenient feature in many CCTV systems because it allows security personnel to view video feeds and control cameras via the internet with laptops or mobile phones. But it also makes the systems vulnerable to outside hackers, particularly if they’re not set up securely. If the feature is enabled by default upon purchase, customers may not know this is the case or understand that they should take special steps to secure the systems as a result.
“All the ones we found have remote access enabled by default,” Cacak says. “Not all the customers may be aware [of this]…. Because most people view these via console screens, they may not be aware that they can be remotely accessed.”
Compounding the problem is the fact that the systems come deployed with default, easy-to-guess passwords that are seldom changed by customers. They also don’t lock out a user after a certain number of incorrect password guesses. This means that even if a customer changes the password, an attacker can crack it through a brute-force attack.
Many of the default passwords Cacak and his team found on CCTV systems were “1234” or “1111.” In most cases the username was “admin” or “user.”
“We find about 70 percent of the systems have not had the default passwords changed,” Cacak said.
Because many customers who use the systems don’t restrict access to computers from trusted networks, nor do they log who is accessing them, Cacak said owners often cannot tell if a remote attacker is in their system viewing video footage from outside the network.
To help companies determine if their CCTV systems are vulnerable, Cacak’s team worked with Rapid7 to produce a module for its Metasploit software targeting CCTV systems made by MicroDigital, HIVISION and CTRing or sold by other companies under a different name. Metasploit is a testing tool used by administrators and security professionals to determine if their systems are vulnerable to attack, but it’s also used by hackers to find and exploit vulnerable systems.
The module can determine if a specific user account, such as “admin,” exists on a targeted CCTV system, and it can also conduct automatic log-in attempts using known default passwords, brute force a password crack on systems using unknown passwords, access live as well as recorded CCTV footage, and redirect cameras that are adjustable. HD Moore, chief security officer at Rapid7, said they’re working on a scanner module that will help locate CCTV systems that are connected to the internet.
Earlier this year, Moore and another researcher from Rapid7 found similar vulnerabilities in video-conferencing systems. The researchers found they were able to remotely infiltrate conference rooms in some of the top venture capital and law firms across the country, as well as pharmaceutical and oil companies and even the boardroom of Goldman Sachs — all by simply calling in to unsecured videoconferencing systems that they found by doing a scan of the internet.
They were able to listen in on meetings, remotely steer a camera around rooms, as well as zoom in on items in a room to read proprietary information on documents.
Cacak said that customers using CCTV systems should disable remote access if they don’t need it. If they do need it, they should change the default password on the systems to one that is not easily cracked and add filtering to prevent any traffic from non-trusted computers from accessing the systems.
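
An owner can check a fleet of recorders against these recommendations from configuration records alone. The following is an added example, not code from the article, Gotham Digital Science or Rapid7; the record layout, device names and trusted networks are assumptions, and the inventory is constructed sample data.

```python
import ipaddress

# Assumption: networks this organisation trusts for CCTV administration.
TRUSTED = [ipaddress.ip_network(n) for n in ("10.20.0.0/16", "192.0.2.0/28")]

# Constructed inventory; the record layout is hypothetical.
INVENTORY = [
    {"name": "lobby-dvr", "remote_access": True, "remote_needed": False,
     "default_password_changed": False, "allowed_sources": [],
     "access_logging": False},
    {"name": "vault-dvr", "remote_access": True, "remote_needed": True,
     "default_password_changed": True,
     "allowed_sources": ["10.20.5.0/24", "0.0.0.0/0"], "access_logging": True},
    {"name": "dock-dvr", "remote_access": False, "remote_needed": False,
     "default_password_changed": True, "allowed_sources": [],
     "access_logging": False},
]


def untrusted_entries(allowlist):
    """Return allowlist entries not contained in any trusted network."""
    bad = []
    for entry in allowlist:
        net = ipaddress.ip_network(entry, strict=False)
        if not any(net.version == t.version and net.subnet_of(t) for t in TRUSTED):
            bad.append(entry)
    return bad


def audit(dev):
    """List the ways one recorder departs from the recommendations."""
    findings = []
    if not dev["default_password_changed"]:
        findings.append("default password still set")
    if not dev["remote_access"]:
        return findings  # not reachable remotely, remaining checks do not apply
    if not dev["remote_needed"]:
        findings.append("remote access enabled but not needed")
    if not dev["allowed_sources"]:
        findings.append("no source filtering: any host may connect")
    for entry in untrusted_entries(dev["allowed_sources"]):
        findings.append(f"allowlist entry {entry} is outside the trusted networks")
    if not dev["access_logging"]:
        findings.append("remote access is not logged")
    return findings


if __name__ == "__main__":
    for dev in INVENTORY:
        print(dev["name"], audit(dev) or "ok")
```

The access-logging check reflects the article's point that owners who keep no access logs cannot tell whether someone outside the network is viewing their footage.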