Wednesday, July 27, 2016

SITREP –RIO - Fake Wi-Fi Networks at Various Locations Around the RNC

A cyber security company conducted a Wi-Fi collection effort to expose the ease of utilizing free Wi-Fi hotspots.  Collection was conducted last week during Republican National Convention (RNC), in Cleveland OH.  Avast is a Czech security software company headquartered in Prague, Czech Republic, that develops antivirus software and internet security services.  Avast created a series of fake Wi-Fi networks at various locations around the RNC.  Avast’s team set up several networks, using names such as "Trump free Wifi," or "Google Starbucks," which were designed to look as though they were set up for convention attendees.  Upon connecting, trusting a random and unprotected network they found in a public setting; the users unwittingly gave Avast access to spy on their devices.

Over the course of a 24 hour span, Avast found over a thousand attendees that were completely negligent in their device’s security.  Over 60 percent of the users who connected had their identity completely exposed.  These 1,000 attendees also used the open and unprotected Wi-Fi hotspots to check their mail, used smartphone apps, and even played Pokemon.  

This security based collection exercise exposed how easy it is for criminal actors and or organizations to set up fake Wi-Fi hotspots for collection activity within large events.  Caution is offered to individuals attending large events; to beware of open and free Wi-Fi hotspots utilization.  When possible, use a VPN to help keep your sensitive information safe.

Publication Date: 25 July 2016
Handling Requirements: Traffic Light Protocol (TLP) AMBER
Attribution/Threat Actors: OSINT- Potential Malicious use of Wi-Fi Hotspot Networks
Actor Type: Tier II
Potential Targets: 2016 Olympics & DNC Philadelphia PA

This report was published in its entirety to the Financial Services ISAC and Red Sky Alliance portal on July 25, 2016.  For more information, contact Wapack Labs at 844-4-WAPACK.