I attended a cybersecurity conference a few years ago and the keynote speaker said something that always stuck with me… the internet is just someone else’s computer. When you think about it, it’s obvious. But when your working, shopping, browsing… the machinery evaporates. This is by design. I mean, who wants to turn a crank all day? But this disconnect leads people to trust systems that they shouldn’t, specifically unsecured wireless networks.
The speaker provided an analogy that was helpful. Imagine getting on the train one morning and seeing a piece of fruit sitting on the seat unattended. Would you eat it? Most would say no because they have no idea where it’s been. However, most of those same people would connect to unsecured wireless networks at their hotel or coffee shop.
Some of you may be wondering why this is an issue. Well, threat actors take advantage of unsecured networks with devices such as packet sniffers that allow them to capture the traffic on that network. Or perhaps they will sit in the coffee shop and inconspicuously project their own wireless network signal, leaving it open for coffee house patrons to connect. In these situations, any unencrypted information is theirs for the taking. This can include sensitive company data or personal information that can become the basis for a social engineering attack later.
How do you keep your information safe?
First and foremost, do not connect to untrusted networks unless it is absolutely necessary. Find an alternative. If you don’t control the network and those on it, use cellular or a self-projected hotspot. Unfortunately, the meeting rooms in some hotels are in the basement where cell service is unavailable. In those cases, use a VPN to encrypt your traffic before transmitting any data over the network. These simple steps can be the difference between safety and swimming with Wiresharks.
Companies should adopt policies regarding untrusted networks and train their employees on following those policies. Remember, culture starts at the top, which is why company executives must set the example for employees, especially on matters of security. The stakes are too high.
Need help?
You’re not alone. Let Blatt Law Group keep you safe by updating your cybersecurity policies and procedures.
Reach out: inquiries@blatt.law.