14 DAY TRIAL // British primary schooler Betsy Davies managed to hack a laptop computer connected over open Wi-Fi and reached information stored on the device in an experiment carried out to raise awareness of the danger of accessing the Internet via an insecure connection.
The 7-year-old relied on video tutorials freely available online to hack the Wi-Fi hotspot and set up a rogue access point to conduct a man-in-the middle type of attack.
Freely available instructions show traffic interception methods
The method used by the girl is often leveraged by cybercriminals to intercept traffic from devices connected to the wireless network, as all the communication between the victim’s computer and the intended server passes through their setup.
After watching a video on hacking a network, Betsy was able to apply the knowledge during the experiment and complete the task successfully. What’s more, she did it in little under 11 minutes (10’54’’).
The campaign was set up by VPN provider HideMyAss specifically to demonstrate that connecting to an open wireless network is a risky step to take.
"We set the challenge to IT-savvy primary school student Betsy Davies from Dulwich in South London, who was able to hack into a public Wi-Fi hotspot after she searched and watched a video tutorial online which explained how to hack a network," the company says in a blog post.
Many users are not fully aware of the dangers associated with this action and often use insecure networks not just for logging into personal online accounts but also for online banking, overlooking the fact that a threat actor may have taken control of the hotspot and might see all the traffic in plain text.
Wi-Fi users should pay attention to the network they connect to
Betsy said that the task was quite easy as she read the instructions she was given and that at first she could not make any sense of the numbers and signs she found, but later everything became clear to her.
Hopefully, with this experiment making the rounds online, people would think twice before signing into online accounts without making sure that they have a safe connection to rely on.
Verifying that the traffic is encrypted is just a matter of checking for a green padlock in the browser’s address bar. Relying on VPN is also a safe way to navigate using Wi-Fi that could be compromised.
If a 7-year-old can understand the steps for taking over an open Wi-Fi, cybercriminals would have absolutely no trouble doing this and using the sensitive information stolen this way to create financial distress.
Mind that an individual does not have to spend a lot of time or any money to find the necessary tools and the instructions for doing the nefarious job.