In September, one of PGI’s Cyber experts attended the 2015 Monaco Yacht Show. Whilst there they conducted a WiFi survey of Port Hercules using software freely available from the Google Play store. Surprisingly they were able to detect 3,045 wireless networks in a three hour period.
Many of the Wi-Fi signals were being emitted from the Yachts themselves and most showed different networks for the different people on board. With the networks being named for crew, captain and guests. This sort of oversight makes prioritising which networks to focus on, in order to gain unauthorised access practically child’s play for hackers.
The expert also discovered that over 75 of the networks were using Wired Equivalent Privacy as the security protocol. This, now very outdated method of security, can be defeated in as little as 90 seconds by a hacker.
The implications of such a discovery means that criminal gangs could gain access to a yachts computer network and learn who is on the yacht, where the Yacht has been (ideal for identifying common routes) and, disturbingly, where the yacht is likely to be going next. Such information can put the security of the persons on board in danger.
The most famous example of a security breach as a direct result of an insecure Wi-Fi network was the 2007 the hacking of American company TJX. A hacker launched a cyber-attack by using an insecure Wi-Fi network in one of the company’s TJ Maxx stores. The hackers were reported to have stolen the credit card details of 45 million people. Experts however believe that the real number was nearer 94 million.
The attack is considered to be one of the most expensive hacks in history.
How to Improve a Wi-Fi Networks Security
1. Change the Routers passwords
The first thing you should do to secure your Wi-Fi network is to change your routers default password and wireless network password. A hacker can find default passwords for countless makes of routers online and can use that information to take control of your network or use your router to take part in a Distributed Denial of Service Attack (DDOS).
2. Turn on/upgrade Network Encryption
By upgrading your networks encryption you are adding an extra layer of security to your network. In order to prevent other computers in the area from using your internet connection, you need to encrypt your wireless signals.
3. Install Updates
Hopefully you keep your computer, tablets, phones etc. up to date with the latest patches (sotfware and security updates). By doing the same for your Wi-Fi router you can fix bugs and can even improve your wireless routers performance.
By educating staff working in your business you can avoid a lot of the risks to a network. Your employees can be your most valuable asset in protecting the network. Education is needed to emphasise this protection as most employees are not aware of the risks. Training staff on training courses such as those taught by PGI Cyber can raise awareness in your organisation.
By taking simple precautions you can help defend your network from cyber threats. Awareness, education and a "will to act" are what is required. Don’t become a target, invest in protection and seek the advice of the professionals at PGI Cyber.
Your free global geopolitical
PGI’s Risk Portal tool provides daily intelligence feeds, country threat assessments and analytical insights, enabling clients to track, understand and navigate geopolitical threats.
The Risk Portal gives users up-to-date information and analysis on global affairs.
The Risk Portal allows users to visualise information in a unique and instantly understandable way. Mapping filters enable the visualisation of incidents by threat category, time period, perpetrator and target type.
Risk Portal users can upgrade their accounts to include the Report Builder and Country Profile Generator features. The Report Builder allows users to select information, data and images from the Risk Portal and create bespoke reports and emails.
Subscribers to PGI’s Bespoke services receive tailored analysis on specific sectors and geographies of interest, delivered at a frequency they determine.
Subscribe to our Cyber Bytes Newsletter
Keep yourself in the loop with PGI by signing up to our Monthly Cyber Bytes email. You will receive updates, tips and narrative around what has been happening in the world of information security.