Coventry University specialists expose the risk of public wi-fi
CYBER security experts at Coventry University have helped to expose the risks of connecting to public Wi-Fi.
Dr Siraj Shaikh and Madeline Cheah – both specialists in cyber security based in the university’s Centre for Mobility and Transport – were drafted in by the BBC to help with an experiment.
The academics were asked to simulate what is known as a ‘man-in-the-middle’ attack and the exercise was filmed as one of the features on the corporation’s Inside Out West Midlands programme.
The duo created a rogue access point disguised as a public Wi-Fi hotspot in the BBC’s offices in Birmingham’s Mailbox.
Volunteering members of the public – who were asked not to use any genuine personal information or passwords – were provided with tablets and smartphones and asked to connect to the hotspot, entering details through a bogus Wi-Fi login page which had been set up as part of the experiment.
The network was not connected to the internet for security reasons – meaning no real websites could be accessed – but Ms Cheah, who was posing as one of the volunteers, was able to intercept all the data which was requested through the bogus login page, as well as details like the type of device and its IP address.
The simulated attack was made possible with the use of a simple device the size of a smartphone, which is used by professional security analysts and enables a user to read and capture traffic over a network.
Although the only data being intercepted in the experiment was fictional, the academics said that in the wrong hands, such technology could be used to access a person’s private and personal details without them knowing about it.
Dr Shaikh, reader in cyber security at Coventry University, said: “In today’s connected world we’re all very accustomed to having Wi-Fi access at our fingertips wherever we go, whether that’s in a restaurant, on the bus, or while we’re waiting in an airport. Unfortunately the convenience of it often trumps any security concerns we may have, and this has led us into bad habits.
“This experiment by the BBC to raise awareness is important and timely, and we were keen to take part to help people understand just how vigilant they need to be to avoid falling victim to this kind of security breach. There are around 270,000 Wi-Fi hotspots in the UK, so they’re an easy target for criminals. Our experiment was tightly controlled to ensure we were acting ethically and legally, but somebody with malicious intentions could go a lot further.”
