Daily Express

THE COFFEE SHOP BANDITS

There are thieves about – and increasing­ly they are targeting wifi networks in public places to extract private informatio­n

- By David Harding

LUNCHTIME in the ancient city of Winchester and all seems well. Families, shoppers and workers walk seemingly carefree around its streets. People pack the restaurant­s and coffee shops, some with friends, others alone looking at their phones.

But lurking in the shadows is a growing hi-tech menace.

Gangs of internet-savvy criminals are targeting unsuspecti­ng members of the public, even in places such as this quaint Hampshire city, armed with little more than a £25 box bought from the darker recesses of the web and a knowledge of how to grab private informatio­n from people’s smartphone­s and laptops.

“It’s a growing problem,” says internatio­nal cyber security expert Gordon McKay. “We are seeing it more and more because wifi networks are proliferat­ing. The rewards are large.”

Gordon is showing just how easy it is for opportunis­tic criminals to grab our most private informatio­n and how susceptibl­e most of us are, just by simply logging on to a public wifi network.

We are sitting in one of Winchester’s many high street coffee shops, where, as people sip on a latte or cappuccino – they can so easily be targeted.

“The coffee shop is the number one spot for hacking,” says Gordon.

Airports and shopping malls also exceptiona­lly vulnerable,

Just a few feet away are people working on laptops. Most others are on phones. Although they do not know it, anybody online is at risk.

Within seconds of Gordon setting up his hi-tech equipment, which allows him to monitor whether criminals are operating in the area, as many as eight red warning signs pop up on his computer screen, to confirm that they are.

He says: “We are looking for things that the public are vulnerable to, that could lead to them losing their savings and control of their privacy.”

Close

RIMINALS are able to extract informatio­n passing over the internet with little effort and by hiding in plain sight.

Small boxes, some known as an “odroid” or others as an “udoo”, easily concealed in a jacket pocket – and bought for the same price as just a few high-street coffees – help them set up wifi sites for unsuspecti­ng members of the public to use.

Using the box, criminals will establish a wifi network, usually with a name similar to the shop they are in – or they can work up to a range of around 450ft so they do not even have to be in the same building – hoping to get unsuspecti­ng internet users to log on.

These sites are known twins” says Gordon.

Not only are the criminals able to set up fake networks through their boxes, but they can send out as are

“evil

“de-notificati­ons” – pushing people off the official networks owned by shops and forcing them to look for another network, hopefully, for the criminal, the one they have just set up.

Once someone has logged on to an evil twin, they are at the mercy of cyber thieves.

Any informatio­n they search for or use – bank details, phone numbers of people they have been messaging, online city centre park

DARK WEB: Criminals are using devices to steal informatio­n ing – after being tricked on to the illegal network will go straight to the gangs. It can also take something called an IMSI – the Internatio­nal Mobile Subscriber Identity – which is the unique number given to every mobile phone.

This can allow unscrupulo­us people to monitor calls or locate exactly where they are or have been, without anybody knowing that their privacy has been breached. Within seconds of getting that informatio­n, criminals can relay it to anywhere around the world to use how they want, says Gordon.

The devices the gangs are deploying may be Heath Robinson, according to Gordon, but they are very effective.

“Potential problems are not obvious to the target until it is too late and some financial disaster or similar has befallen them,” says Gordon.

AS THE access to wifi networks has increased, and the number of highstreet networks has grown, so, too, has the proliferat­ion of network intrusion.

The problem can be made worse by some network providers automatica­lly putting customers on to the nearest available wifi without them knowing, meaning their details could be vulnerable while their smartphone remains in their pocket.

Gordon believes police should be given more power to tackle the internet criminals. “Officers surely could be provided with extra resources to tackle this.

“At the moment, they are on hiding to nothing,” he says.

Lawful intercepti­on, whereby police and intelligen­ce agencies are able to selectivel­y extract data from mobile telephone networks to catch criminals and terrorists, is a rapidly growing global industry.

It is highly regulated and, in the UK, police abide by strict rules. The criminals using devices such as the odroid have no such controls.

Gordon’s advice for anyone wanting to prevent their most important details being stolen is to take no risks on a public wifi network. Make sure all apps are closed, do not do banking or any transactio­n with cards, he says.

Wearables such as smart watches could also pose a problem as they could contain the owner’s bank details and could just as easily be picked up by an “evil twin”.

Is there any way to stop gangs pinching private details on a public network? “Never do anything important,” advises Gordon.

a

 ??  ??
 ??  ??
 ??  ??

Newspapers in English

Newspapers from United Kingdom