Security Hacking Stories

Is Free Wifi something that you use?

Are You Using Public Wi-Fi?

Coffee shop WiFi is convenient, but is is safe or secure?

Every day, tens of millions go to their nearest public Wi-Fi hotspots: cafes, restaurants, hotels, libraries, you name it.  Many places make it easy to access quickly.  But what rights are you losing as you log into one of these internet providers?

Innocently enough, we log into our personal email accounts to access personal emails, look at online bills, and make contacts.  As if it was not clear before logging in, we are accessing public Wi-Fi.  It would be easy for anyone within your immediate radius to steal your online information, and worse, precious personal information.

Who and Where

Earlier this summer, a researcher announced that he had built a device that could access public Wi-Fi spots from 2.5 miles away from its router location.  What does this mean?  The ease of access is great for anyone who does not want to leave their home or place of business, however it endangers anyone else who is using that particular public Wi-Fi connection.

ProxyHam, as the device is called, not only protects the identity of someone using the public Wi-Fi spot from miles away, but allows them complete access over that public Wi-Fi.  As fake “proxy” connections protect the identity of the person using this special device, their identity leads to a dead end of illegitimate IP addresses, making their presence in the Wi-Fi hotspot virtually unknown.

The ProxyHam device can easily be hidden within anywhere public Wi-Fi is available, making it easy for criminals and hackers to steal your identity and information over public Wi-Fi.

Although this device is intended to protect the identity of whistleblowers and others who wish to disclose important information that the public may need to know about – it is important to note how dangerously easy this technology could fall into the wrong hands.


Unencrypted and Dangerous

The most immediate danger of public Wi-Fi is that it is unencrypted.  Unlike an internet connection at a private location, such as an office or home, anyone can access the pages you are browsing.

Any hacker or criminal can easily steal important data after you’ve made one simple click on a website: saved forum data with your name, address, phone number, and sometimes other personal information can be easily found through public Wi-Fi.

Other hackers can use your data to provide reporting on how people are using public Wi-Fi.  This could disclose more of your personal information than what you desire: banking, bills, and itineraries could easily be hijacked and shared among businesses, making you a greater target for spam and other junk mail.

The threat of a hack through public Wi-Fi is heightened when a device already compromised is using the same connection as you.  There is also the possibility of the connection itself carrying malicious software, unbeknownst to every day users.

Businesses and Public Wi-Fi

Eateries and places you may conduct business or work at are not the only places your Wi-Fi connection could be compromised.  Retailers have now joined the game to track your analytics and get you to buy more.

In 2013, Nordstrom was found guilty of tracking their customers through Nordstrom’s public Wi-Fi connection.

When customers would enter a Nordstrom location and be prompted to join public Wi-Fi, Nordstrom’s own analytics tracker would immediately find data pertinent to selling: where customers are at in the store, how long it takes them to look at an item, and how long customers are in the store before purchasing.  The service Nordstrom once used also tracked information on the gender and age of their guests.

Nordstrom, after a firestorm was set, posted signs around their stores to give their customers an option to either accept or deny the tracking service as they connected to public Wi-Fi.

Unfortunately, Nordstrom is not the only retailer to have used analytics devices such as these, as tracking customer detail and history becomes more and more vital to the retail industry.  Amazon is guilty of this service, tracking customers through cookies as they shop online.

The threat of public Wi-Fi connections and dangerous devices able to steal your information is ever-increasing as the technology becomes available.  Individuals and businesses may use it in the most innocent of ways, or to completely ruin someone’s identity.  As always, the key is taking preventative measures against being hacked and tracked before it happens.

IT Security, Inc. is experienced in both the regulatory compliance, as well as security solutions which are essential at protecting the environment from security breaches, data ex-filtration, and compromise.  When you expect results, IT Security's experience helps keep your networks and data, safe and secure.


Albert E. Whale is the President and Chief Security Officer for IT Security, Inc, a security consulting company focused on the Security of the Applications, Cloud, IoT, Internet & Network based resources. IT Security, Inc. works with organizations to assess and resolve issues with their enterprises, focusing on getting security done right.

View my LinkedIn Profile or contact IT Security, Inc. directly at 412-515-3010 or http://www.IT-Security-inc.com.