For many, a public Wi-Fi network means a place to stop briefly to search for directions, a coffee shop to work in and enjoy an overpriced beverage, or chance to check those crucial Facebook updates. Why not order that new bestseller online? Or change a password? Or set up a new online dating account? Maybe because these actions could afford a hacker tons of personal information. Most don’t realize the risks involved with simply logging onto a public network. That’s why Skycure, a company that analyzes threats to mobile security, launched their Global Security Threat Mapping project earlier this week.
Skycure, based in Tel-Aviv and founded in 2012, released the map on September 14. “”We believe this tool can be of great value for security researchers, reporters, bloggers etc.,” wrote Ariel Sakin, the company’s head of engineering, on the Skycure blog.
Information on potentially compromised public Wi-Fi networks is currently available for Boston and some surrounding areas.
While a haven for those whose monthly data packages are almost exhausted, public Wi-Fi networks can be a hacker’s dream. Online shopping on public networks provides those with the know-how access to your credit card information, full name and address of a target. Programs can guess passwords using the information stored on computers and smartphones. Viruses are often sent through public Wi-Fi networks, and in a process known as “WiPhishing” a hacker can imitate the name of a network, set it up to seem legitimate and lie in wait for someone to unknowingly log-on and provide access to data.
“The proliferation of public Wi-Fi is one of the biggest threats to consumer data,” David Kennedy, founder of information security firm TrustedSec told Forbes. “A hacker can monitor the network traffic of an entire store with an iPad-sized device hidden away in his backpack.”
According to the FBI, there aren’t reliable statistics on the extent of these breaches because victims often don’t realize they’ve been hacked and because it’s difficult to discover the origin of an attack.
Skycure monitors the networks that its users are connected to, warning of intrusion by outside sources. CTO Yair Amit told Thomas Fox-Brewster of Forbes that the source of the map comes from threats identified on the devices of Skycure users, meaning that it isn’t indicative of all existing threats – only of crowdsourced data from devices using the Skycure app. Still, according to Skycure, they’ve identified nearly 100,000 threats in over 30 countries.
“Regarding the nature of the incidents: when you see an incident marker on the map, it means that Skycure has identified concrete network behavior that endangers personal or business data of devices that connect to the network – these can target the OS level, app level or protocol level,” Amit told Fox-Brewster.
Skycure’s mobile app analyzes security threats to mobile devices. Aimed at corporations, but also handy for the average smart-phone user, the app ensures that secure data is protected from potential hackers. It received an excellent review in PC Magazine, who tested it by launching simulated attacks against an iPhone, all of which Skycure identified and issued security warnings for. Of the app’s release, TechCrunch reported the following in October 2013:
Its mobile IDS/IPS solution protects iPhones and iPads by monitoring network traffic behaviour. Unlike older solutions that focus on device management and physical theft, Skycure looks at the network layer, protecting devices from being compromised by local or remote hackers.
The Global Security Threat Map uses the same technology as the app, providing the location of the threat and the name of the network. A brief investigation of the technology reveals threats globally: Boston, Moscow, Tokyo, Córdoba, Cape Town – all have the red pins of compromised networks.
Screenshot from Skycure Maps.
