Do you use free hotel Wi-Fi? Well, you better not. Last week security research firm FireEye published a report claiming a notorious hacking group is using a leaked NSA tool to infiltrate hotel networks and steal the credentials of high-profile targets. Just another reason to stay clear of free Wi-Fi hotspots.


The tool in question, EternalBlue, was allegedly used by the US National Security Agency (NSA) for surveillance purposes. It exploits a vulnerability in Windows' implementation of version 1 of the Server Message Block (SMB) networking protocol, which allows it to spread quickly on many networks. Its code is also publicly available for anyone to use, which is why cybercriminals have been using it to improve their malware attacks since it leaked in April.

How the malware spread to hotel Wi-Fi networks

  • As is often the case with cyberattacks, it all started with a phishing email. An unsuspecting employee opened an email carrying an attachment named Hotel_Reservation_Form.doc. Using macros, the latter deployed the GameFish malware.
  • Then, the program used the EternalBlue exploit to spread across the hotel network. It reportedly nestled in the systems that host both the internal employee wireless networks and the ones available to visitors.
  • In the third stage, the malware deployed a penetration testing tool for NetBIOS Name Service (NBT-NS) poisoning. The tool pretends to be a printer or another device on the network, which tricks computers into sharing credentials with it. This way the hackers were able to steal the data that users sent over Wi-Fi.
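
A defender's view of the third stage, as an added example that is not part of the FireEye report or of this article: a passive Python check that parses NBT-NS positive name query responses (RFC 1002 layout) and flags any host that answers for a canary name that does not exist, or for more names than one machine should own. The addresses, host names, threshold and sample packets are constructed assumptions.

```python
import struct
from collections import defaultdict

def encode_name(name, suffix=0x00):
    """RFC 1002 first-level encoding: 15 padded chars + suffix, one letter per nibble."""
    raw = name.upper().ljust(15).encode("ascii") + bytes([suffix])
    return b"\x20" + bytes(0x41 + n for b in raw for n in (b >> 4, b & 0x0F)) + b"\x00"

def decode_name(field):
    """Inverse of encode_name; raises ValueError on a malformed name field."""
    if len(field) != 34 or field[0] != 0x20:
        raise ValueError("not a first-level encoded NetBIOS name")
    enc = field[1:33]
    if any(not 0x41 <= c <= 0x50 for c in enc):
        raise ValueError("nibble letter outside A..P")
    raw = bytes(((enc[i] - 0x41) << 4) | (enc[i + 1] - 0x41) for i in range(0, 32, 2))
    return raw[:15].decode("ascii", "replace").rstrip()

def claimed_name(payload):
    """Name asserted by a positive name query response, or None for anything else."""
    if len(payload) < 46:
        return None
    _txid, flags, qdcount, ancount = struct.unpack(">HHHH", payload[:8])
    # Need: response bit set, opcode 0 (query), rcode 0 (success), answer right after header
    if not flags & 0x8000 or flags & 0x780F or qdcount or not ancount:
        return None
    try:
        return decode_name(payload[12:46])
    except ValueError:
        return None

def find_poisoners(packets, canaries=(), max_names=3):
    """Map responder IP -> names it claimed, for responders that look like poisoners."""
    claimed = defaultdict(set)
    for src, payload in packets:
        name = claimed_name(payload)
        if name:
            claimed[src].add(name)
    bait = {c.upper() for c in canaries}
    return {src: sorted(names) for src, names in claimed.items()
            if names & bait or len(names) > max_names}

def sample_response(name, src):
    """Constructed test fixture: (source IP, UDP/137 payload) of a positive response."""
    header = struct.pack(">HHHHHH", 0x1234, 0x8500, 0, 1, 0, 0)
    rr = encode_name(name) + struct.pack(">HHIH", 0x0020, 0x0001, 300, 6)
    return src, header + rr + b"\x00\x00" + bytes(int(o) for o in src.split("."))

SAMPLE = [sample_response("FRONTDESK-PC", "192.0.2.5")] + [
    sample_response(n, "192.0.2.66")
    for n in ("PRINTER01", "FILESRV", "SCANNER02", "NOSUCHHOST-7F3A")]
```

The canary only works if something on the monitored segment periodically asks for that nonexistent name; the name-count threshold is a heuristic and will also flag a legitimate WINS server.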

Given that the guests of certain hotels include high-ranking corporate heads or government officials, it is no wonder that someone would devise such an attack. As we already pointed out in another article, traveling individuals who carry sensitive information are natural targets for surveillance and cybercrime. The FireEye report just adds another particular attack vector to be worried about.

How to avoid falling victim to such an attack

It is a general rule that nothing is really free. When it comes to free Wi-Fi, the undisclosed price is the security risk that comes with using someone’s network. The simple solution is to avoid doing it altogether. If you are concerned about privacy, surveillance, and getting hacked, stay clear of free Wi-Fi.

How do you communicate when traveling then? One solution is to use only your mobile device’s data connection to access online services. When you need to use your laptop, you can set up a wireless hotspot with your phone. Given the roaming fees most mobile operators apply, however, doing this abroad would cost you a lot.

This is why we at Secure Group have included a multi-IMSI SIM card as an integral part of our secure mobile communications solutions. Secure SIM – available with Secure Phone and Secure BlackBerry – provides global data coverage with no extra fees. No roaming, no additional charges. And because the SIM can switch mobile identities, you can always count on the best available signal, while remaining independent from local carriers.