Caution is often required when talking about free and the same goes for public Wi-Fi, stamped "free" or "included". As proof for the past four years, executives traveling have been victims of targeted spy attacks while using the hotels Wi-Fi network. Even more recently in January, newspapers reported that a 7-year-old girl who had simply followed instructions on a video had been hacked into a public Wi-Fi network in 11 minutes, proving their extreme vulnerability. .
Thus, users of public or semi-public Wi-Fi networks run the risk of having their sensitive data intercepted. This is a persistent and long-standing problem which, in many cases, is attributable to the user.
How are the attacks going?
Of course, not all users represent the same interest for hackers. An individual has indeed less to offer than a professional. In addition, in this last category, we must distinguish the "moderately attractive" targets from those which are "very lucrative", namely: the senior managers of companies that connect to the Wi-Fi networks of luxury hotels where they stay during their business trips. In fact, Wi-Fi networks are discreetly infiltrated by industrial spies who are on the lookout, watching for the moment when the targeted person identifies himself on the hotel network with his name and room number. Once the potential victim is "within range", malware is installed on his computer to record all his actions and collect previously memorized passwords.
Does this scenario remind you of an action movie? It is unfortunately not fiction but reality for four years. During this period, cybercriminals conducted a targeted espionage campaign specifically targeting senior executives. This type of attack captures sensitive data, such as credentials for cloud services and enterprise systems. Their authors are professionals who never attack the same victim twice. They carry out their operations with surgical precision, striking from the first contact, then "disappear" with their booty, taking care to erase their digital traces.
Is there a typical victim profile?
The targets are in particular business leaders, sales or marketing directors, or even employees of R&D departments. Note that we are talking about the present and not the past because the DarkHotel spy campaign discovered by Kaspersky last year is still relevant. The perpetrators, who have not been identified or arrested, are still active in the Asia-Pacific region and target senior officials from American, German and Asian companies. Since 2008, this represents several thousand infections that computer investigations have made it possible to trace to various countries such as the United States, Germany, Japan, Taiwan, South Korea, Belgium, Ireland, Singapore, Greece and Italy.
However, the potential victims are not helpless. First, they should review their travel plans to assess the potential risks. Then they have to change their passwords, which is best done regularly. However, managers or others who have access to valuable trade secrets may take certain additional precautions. Any public Wi-Fi network (access point) or semi-private (hotel) must be considered as potentially dangerous. It is therefore necessary to go through a VPN (virtual private network) in order to secure digital communications. You should also be wary of software updates offered automatically on networks outside the company. In short, watch out for Wi-Fi!