If you are one of our readers who follow The Hacker News every update, you probably know that Public WiFi network is a security risk. But many people aren't aware, including our great politicians.
Internet security provider F-Secure carried out an experimental hack against three prominent UK politicians and hacked into their accounts with the help of public Wi-Fi network.
To be very clear, all the three politicians – Rt. Hon. David Davis MP, Mary Honeyball MEP and Lord Strasburger – gave their consent to the recent exercise that focused on hacking into their devices using public, freely available Wi-Fi networks across London.
F-Secure teamed up with the penetration testing firm Mandalorian Security Services and the Cyber Security Research Institute to carry out the tests.
Despite holding major positions within the different parliaments, all three politicians admitted that they had "received no formal training or information about the relative ease" with which systems can be hacked while using insecure public Wi-Fi – which all the three said they use regularly.
Here are the Test Results:
Rt. Hon. David Davis MP HACKED!
The white hats stole email account password through public Wi-Fi and successfully broke into the email account of David Davis, Conservative MP for Haltemprice and Howden who is well known for his views on privacy and surveillance.
To underline the security risk, Mandalorian penetration tester left a draft email to the national press announcing his defection to UKIP. Moreover, his PayPal account was also compromised, as the account used the same password as his Gmail.
Here're Davis responds to the results: "Well, it is pretty horrifying, to be honest. What you have extracted was a very tough password, tougher than most people use. It is certainly not 'Password.'"
Mary Honeyball MEP HACKED!
Mary Honeyball MEP, who holds a seat on the EU committee responsible for the 'We love Wi-Fi' campaign, herself became a victim of a phishing attack.
Honeyball was browsing the Internet in a cafe when she received a message seemingly from Facebook inviting her to log again in to her account. She ended up giving her Facebook credentials to the ethical hacker, who then accessed her Facebook account.
Lord Strasburger HACKED!
Now let's move on to Lib Dem peer Lord Strasburger. His Voice over IP (VoIP) call he made from his hotel was intercepted and recorded using freely available online software Wireshark.
"That's very worrying. This is very powerful equipment," Strasburger said. "The thought that a beginner could be up and running in a very few hours is really worrying. I think it proves that people (when they are using technology) need to know a lot more about it. In the end, they have to look after themselves, because it really is down to you, no one else is going to do it."
A Small but Effective Takeaway
The experiment on politicians demonstrates how easy it is to compromise and stole personal data of users relying on public Wi-Fi networks.
No doubt, the free Wi-Fi saves your mobile data and can keep you online while on roads, but they are far from secure.
I will not advise you to not to use public Wi-Fi networks, but protect your data using service like VPN (Virtual Private Network) that encrypts all your data traveling from your device to the network.