threat alert
Travelling on Trains? Be Wary of Wifi
Train journeys are a common part of business travel, and many take the opportunity to catch up on work while on the move. However, with 4G networks generally being poor while on-board, many rely on the provided Wifi. Unfortunately, this can pose a significant security risk, as Pen Test Partners researcher Ken Munro recently revealed. We get the thoughts of Natan Bandler, CEO and co-founder of Cy-oT, on the risks posed to businesses
One of the core findings of Munro’s research is that train Wifi is often not properly segregated, meaning hackers can in some cases find their way to sensitive user data including email addresses and partial credit card numbers.
“It's quite easy to jump from a public network to a train and its ticketing systems,” explains Cy-oT CEO Natan Bandler. “Any relatively useful tips that you give train operators in order to keep trains secure are good, but they’re not enough and it’s easy to make mistakes. It's very hard to keep everything well maintained and segregated.”
However, this is not the only risk such Wifi services pose to users. It can also provide an opportunity for hackers to infect professionals with malware that will then be transferred to a workplace when the passenger arrives there.
“Having a public network on a train is great for attackers to use as an infection point, and as a way to infect many people. All an attacker needs is to make sure that everyone on the train connects to a specific public network, so even if it’s segregated from the internal systems of the train, it’s still being used as a way to infect each and every passenger on his or her way to Barclays Bank, JP Morgan, the Homeland Security office or any other potentially sensitive workplace,” says Bandler.
“This is particularly easy, as so many people will be using the Wi-Fi network on the train because they have little to no 4G reception. Once connected to this public Wi-Fi, people are infected by tools that will do something malicious once they’re connected to their well-protected corporate network in the office, and this is how malware will continue to be spread.”
It’s important to remember that this mode of attack is not restricted to trains. While they are a particularly effective tool for attackers due to the lack of network options, other public Wifi can also pose a risk.
“The same goes for any public network, such as those in coffee shops etc,” he adds. “The fact is that wireless networks, whether public or private, are at risk. It's very easy to use them to infect other devices that, in turn, will become a serious risk to any organisation. We see such attacks every day, where devices are being used to either stop the network operation of an organisation or to scan the network and infect devices, steal credentials and sensitive data to leak out of the organisation.”
Professionals, then, should exercise significant caution when using publicly accessible Wifi points, particularly if they work in high-security environments.
“Even if you believe that your enterprise wireless network is protected, it really isn’t because devices may have been infected off your premises and then later connected to your organisation’s wired corporate network. What is also important to remember is that it’s not only smartphones and laptops that are being used and connected to your corporate network,” says Bandler. “When you add in other devices such as smart watches, wearables and health sensors, the attack surface increases significantly.”