Security

Is airport public WiFi cybersecure?

The
future
of US air
traffic control:
the third option?

Earlier this year, cybersecurity experts Coronet published a report ranking the US airports where passengers are most likely to be hacked if they sign in via a public WiFi network. But just how risky is it to connect to public WiFi in an airport? Elliot Gardner finds out more

W

iFi availability has become a precious modern commodity and one that the general public have come to expect as a norm everywhere that they find themselves, from restaurants and bars, to busy city streets and of course transport facilities. What many may not be aware of though are the inherent dangers associated with connecting to an unknown WiFi network.

Cybersecurity is increasingly being identified as a potential danger to airport infrastructure and the welfare of staff, travellers and visitors. Considering the emphasis placed on rigorous physical security procedures in today’s airports, it can come as a shock how unprepared many high-profile airports actually are when it comes to the cyber protection of their own systems and the devices of passengers. Malicious use of unsecured WiFi networks is yet another area where airports may be letting their guard down.

Image courtesy of 

Ranking airport WiFi cybersecurity

A 2018 report published by security experts Coronet ranked the 45 busiest airports in the US in which passengers were most likely to be subject to a cyberattack, with San Diego International Airport coming in at the top of the list. And these risks weren’t minor.

At San Diego alone, Coronet identified a 30% chance of a passenger connecting to a medium-risk network while in the airport and an 11% probability of connecting to a high-risk network. In fact, while the company was conducting its analysis, an ‘evil twin’ WiFi access point called ‘#SANfreewifi’ was operational within the airport.

“To identify the airports with the greatest cyber risk, Coronet collected data from more than 250,000 consumer and corporate endpoints that travelled through America’s 45 busiest airports over the course of five months,” explains Coronet co-founder and CISO Dror Liwer.

Image courtesy of 

“Coronet then analysed the data consisting of both device vulnerabilities and WiFi network risks, which was captured from the company’s threat protection applications. Following the completed analysis, the data was combined and standardized to compile an Airport Threat Score. The greater the vulnerability for devices and networks, the higher the score assigned. Based on the analysis, Coronet classifies any score above 6.5 as unacceptable exposure.”

The company identified seven US airports with a threat index score of 6.5 or over, with San Diego scoring 10.0, the maximum available. But only ten of the 45 airports scored lower than 5.4, meaning the vast majority of public WiFi systems at airports posed a notable risk to passengers’ devices.

Eero Knuutila is Head of Service Development at Helsinki Airport.

Image courtesy: Helsinki Airport

The vast majority of public WiFi systems at airports pose a notable risk to passengers’ devices

An inconvenient convenience

While public WiFi is extremely convenient, especially for business passengers and those who cannot afford to be out of touch with the outside world, connecting to an unknown network provides a very easy entry point for those looking for vulnerable devices to compromise.

“The trouble with WiFi is that current WiFi security was designed by engineers and not cryptographers, and I'm afraid they're badly flawed,” says PA Consulting digital trust and cyber resilience expert David Alexander. “There are publicly available attack tools for any of the techniques used at the moment to secure WiFi. Quite frankly, anything that's available at the moment can be broken.”

While there is nothing inherent about airport networks that specifically renders them susceptible to attacks, airports themselves have been identified by many assailants as ideal locations to carry out an attack. They are unique environments where you’ll find a great deal of WiFi-hungry individuals connecting to any network they can get their hands on, including businesspeople with potentially sensitive intelligence on their devices, and a place where a great deal of people will naturally be idling around on laptops, tablets and smartphones, making any suspicious activity much easier to hide.

Image courtesy of 

“There are lots of unknown people sitting around the airport - by definition, people pass through all the time. And people can be there for hours if they're waiting for a check-in or a flight connection. So with someone sitting in an airport cafe somewhere with a cup of tea and their laptop open, how do you know what they're looking at? Are they actually running a rogue access point in the background capturing people's details? It would be easy to do and no one would know,” says Alexander.

And according to Liwer, an attacker doesn’t even necessarily need to be anywhere near an actual airport terminal to carry out a WiFi-driven attack. Thanks to the availability of legally purchasable devices and software, fraudulent captive portal or evil twin attacks can easily be set up to entice the public to sign up their details, or trick their devices to believe the connection has previously been validated.

The complicated set-up in most airports adds to the confusion. Often, airport lounges will have their own private WiFi networks for premium passengers. High-profile restaurants, cafes and bars might want to do the same. Any business in the public service industry wants to keep customers happy, but adding extra variables into the airport setting can provide additional vulnerability avenues for attack.

“Existing WiFi security simply isn't good enough,” says Alexander. “Someone who's got the knowledge can gain access fairly quickly, probably within an hour at most. If the airport security isn’t up to date, they might be able to do it in 15-20 minutes, maybe less if they get lucky.”

Existing WiFi security simply isn't good enough

Compromised business traveller devices

Six out of ten small companies go out of business within six months of a cybersecurity breach, and given the amount of air travel arranged to facilitate day-to-day business, this inevitably means sensitive business information is going to be at risk. By merely accessing a network compromised by a malicious actor, data can be entirely compromised.

“People could capture log-in credentials, banking details; if you’re a businessperson they could look at capturing business intelligence. They can read your traffic if you're not using an encrypted virtual private network to your office systems. Even simple information is useful to them. If you’re high-profile and a frequent traveller, they can see where you’re heading off next,” explains Alexander.

“It could be a rogue access point with a man in the middle attack - your traffic ends up at the intended destination but via a system controlled by the attacker. They might even inject some kind of malware or spyware onto your device. There was a recent attack where Starbucks customers had their devices recruited to mine cryptocurrency.”

Image courtesy of 

It’s not just businesspeople with high-profile data at stake; anyone can have their details stolen. Unsecured airport WiFi even poses a risk to government personnel. Alexander speaks specifically of certain nation states that are known to use methods similar to compromised WiFi networks to monitor specific persons of interest.

In terms of how to protect devices from these kinds of attacks, both Liwer and Alexander offer the same advice to passengers: ensure the operating system on all devices using a WiFi network are up-to-date and patched. The same goes for any browsers and apps; keeping a device up-to-date prevents 80% of attacks.

While some airports are better prepared and configured than others, with several having fleshed out cybersecurity processes built into their security centre operations, the innate vulnerabilities of public networks means airports themselves – if they offer such a service – are always going to be opening up their passengers to potential risks. It appears that until more secure WiFi systems come into effect, members of the public will have to very quickly become cyber-savvy enough to protect their own devices.

Eero Knuutila is Head of Service Development at Helsinki Airport.

Image courtesy: Helsinki Airport

Six out of ten small companies go out of business within six months of a cybersecurity breach

Share

Share this article