WASHINGTON–Credit unions should consider highlighting again for members the risk of using public Wi-Fi networks, as should other organizations, according to the National Security Network (NSA).
The NSA has issued a warning to all federal employees, leading defense contractors and the 3.4 million uniformed, civilian and reserve personnel serving in the military, with what was described in one report as an “unusually specific admonition” that logging on to public Wi-Fi “may be convenient to catch up on work or check email,” but it is also an invitation to attackers.
In an eight-page document, the New York Times reported the agency described how, in a year marked by ransomware attacks on pipelines, meatpackers and even the police force in Washington, D.C., clicking on to the local coffee shop’s network was “asking for trouble.”
“Avoid connecting to public Wi-Fi, when possible,” the warning states, adding that even Bluetooth connections can be compromised. “The risk is not merely theoretical; these malicious techniques are publicly known and in use.”
Easily Hacked
The warning links readers to videos of how easy it is for hackers to use an open Wi-Fi network, one that requires no passwords, to harvest passwords and the contents of passing cellphones, the Times reported.
“Cybersecurity experts have long warned about the dangers of public internet in coffee shops, airports, hotel rooms and similar venues. At conferences like Black Hat, where government officials are hunting this week for new recruits, exposing the vulnerabilities of mobile devices is something of a sporting event,” the Times reported. “Some participants take glee in revealing the contents of a visitor’s phone on a big display for all to see. It is meant as a vivid reminder that hooking on to public Wi-Fi, or enabling Bluetooth connections, or even the capability to make a purchase by tapping a reader with a phone, is an invitation to have nonencrypted data seen by anyone.”
Looks Like the Hotel, But…
The NSA warning includes a caution that criminals or foreign intelligence agencies can set up open Wi-Fi systems that look as if they are from a hotel or a coffee shop, but are actually “an evil twin, to mimic the nearby expected public Wi-Fi.”
The Times added the NSA warning was clearly timed to come out as more people are traveling again for work, and agency officials said the timing was a recognition of a permanent change in how and where people are using the internet, even for critical national security jobs.