Story image

The dangers of in-flight Wi-Fi: Airplanes 'unique' hacking grounds

19 Oct 2016

In-flight Wi-Fi is becoming more prevalent as travellers seek to stay connected as much as possible. However, while the dangers of public Wi-Fi are already well known, the security issues of in-flight internet connections are still somewhat obscure.

That’s according to NordVPN, who says security is a major issue and travellers might be giving away private data to cybercriminals.

NordVPN says that in 2015, there were already 52 airlines worldwide offering in-flight internet, and the prevalence of U.S. in-flight Wi-Fi alone has grown 1,600-fold since 2013.

“First, there's no password protection on the Wi-Fi connection, so anyone can intercept all data that¹s being transmitted on the wireless network,” the company says.

“Thus, while it¹s great to go online while you are in the sky, connecting to Gogo or other providers might mean you are giving your private data away to cybercriminals.

“Airplanes are unique hacking grounds -­ more dangerous than airports or coffee shops, as they cram passengers in one small space for hours,” it explains.

“This gives plenty of time and opportunity for hackers to access all data that¹s being transmitted over open networks. Passengers who do online banking, shopping or business emailing are especially vulnerable to identity and data theft.”

NordVPN says hacking devices, such as WiFi Pineapple, are accessible to anyone and are particularly dangerous on flights.

“The Pineapple, which is small enough to be stored in someone¹s carry on, pretends to be a Wi-Fi connection ­ so when a user connects to Wi-Fi, they are actually connecting to a hacking device,” the company explains.

How can airplane passengers protect their data and securely connect to the Internet?

First, a traveller gets to designate the Wi-Fi network as Home, Work or Public. Those who choose Home network show that they trust all the people connected to the same network - which should not be the case on an airplane full of strangers, NordVPN says.

Work network should be used for a private group at work. So the safest option for airplane passengers is Public network setting -  as this option is created to make sure it¹s not visible by other computers.

“Secondly, travellers have to make sure they are connecting to the Wi-Fi network offered on the flight, and not a look-a-like network with a similar-sounding name that might be spoofed,” the company says.

According to NordVPN, besides these local precautions, the best and most effective way for any traveller to protect their data is to use a VPN. 

“A professional VPN service encrypts all the traffic flow between the internet and a device and helps hide an IP address. If you are a beginner, it¹s best to choose a VPN that¹s user-friendly,” it says.

“VPNs are becoming essential in the world of tightening online security, and soon using a VPN will be as common as going online,” NordVPN says

“Unfortunately, some in-flight networks cut back on security and block VPNs, but in most cases users have no obstacles for using Virtual Private Networks.”

Besides using a VPN, travellers should use antivirus, firewall and anti-spyware and automatically update their software, the company adds.

Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.
IBM X-Force Red & Qualys introduce automated patching
IBM X-Force Red and Qualys are declaring a war on unpatched systems, and they believe automation is the answer.
Micro Focus acquires Interset to improve predictive analytics
Interset utilises user and entity behavioural analytics (UEBA) and machine learning to give security professionals what they need to execute threat detection analysis.
Raising the stakes: McAfee’s predictions for cybersecurity
Security teams and solutions will have to contend with synergistic threats, increasingly backed by artificial intelligence to avoid detection.
Exclusive: Ping Identity on security risk mitigation
“Effective security controls are measured and defined by the direct mitigation of inherent and residual risk.”
CylancePROTECT now available on AWS Marketplace
Customers now have access to CylancePROTECT for AI-driven protection across all Windows, Mac, and Linux (including Amazon Linux) instances.