Most of us connect to public Wifi nearly daily. Part of the process includes agreeing to the terms and conditions. But have you ever read those terms? What do they really say about WiFi security?
A travelling salesman at a TNT client company connected to an unsecured public WiFi in the Denver airport. He agreed to the terms and conditions (as we all do), without realizing that one of those terms is that, essentially, there are no police on the WiFi, meaning the airport is not responsible for what hackers might do to you through the WiFi. Hackers were able to access his email password through the WiFi on his phone. It’s important to note that public WiFi doesn't encrypt data.
Once the hackers had his password, they logged into his email remotely, and for two weeks, they simply monitored his email. Finally, they went through his contacts and emailed many of them an email that included an infected attachment. To ensure the salesman didn’t catch wind of these emails, they set up a rule in his email that did the following: if anyone replied to their email asking if it really was from the businessman, an auto generated reply went out that said yes it was from him. The hackers then set up another rule that deleted those emails so the businessman wouldn’t see them. They also deleted contacts going back to 2010. As you can imagine, this would be disastrous for a salesman.
These were not small time clients either. These were big companies like Nike. Imagine if someone from Nike had clicked on the attachment, and not had the proper cyber security. It would be the Target hack all over again.
TNT’s Senior Network Engineer Dylan Clifford is an email rules master, and this is how he discovered the attack and stopped it. He found the new rules, and could see where the hackers had logged in from another IP address. Dylan changed the email password, turned off the rules, and restored deleted email and contacts.
As you can see, the sophistication hackers are using for their attacks is more extreme than it’s ever been. TNT recommends adding with 2 Factor Authentication to your security strategy. Had the businessman had this in place, while the hackers still would have been able to get his password, they would not have been able to hack into his email, preventing this attack.
Small businesses often feel like they are not a target because they are small, and/or don’t have much customer data. But, like in the Target incident, hackers will go after smaller companies because they know their security is likely weaker, and they can use the smaller company to get into larger enterprises. The company this salesman works for has fewer than 200 employees.
A multi-layered approach can shore up defenses for small businesses, regardless of the WiFi security (or insecurity) you are dealing with. The Network Team has a full suite of security offerings that can help protect your company and customer data.
We are also hosting a free small business cyber security seminar to teach you about the tactics hackers are using to get into your network, as well as what you can do to mitigate the cost of an attack.