At least 8 cases of private Wi-Fi networks hacked this year, and almost 1,500 intrusions reported so far.
KUALA LUMPUR: There have been eight instances of private Wi-Fi networks being hacked and 1,462 cases of online intrusions so far this year.
According to CyberSecurity Malaysia (CSM), Malaysia’s national cybersecurity agency, this is nearly double the number of incidents compared with the same period in 2015.
A report in The Star said CSM had advised users to keep their Internet browsers up to date and to disable the feature which automatically saves passwords in the cache – as it makes it easier for criminals to steal.
CSM said hackers could position themselves between a person’s device and the Wi-Fi router and record sensitive data that the surfer was keying into his device.
Hackers could also “create” their own Wi-Fi and trick people into thinking they were connected to a credible public access point like the one from a restaurant, airport or office – when in actual fact these devices were connected to the criminals’ hardware, said the report.
Through this, they would be able to remotely watch everything a person was sending out on the Wi-Fi like passwords, e-mails or credit card information.
The Star report quoted LE Global Services (LGMS) executive director Fong Choong Fook as advising people to avoid surfing the Internet on a public Wi-Fi.
“I would never use a public Wi-Fi. Even an IT person may not be able to tell if the access point he is connected to is safe or if the activities are being watched.
“There may be signs like your Internet is slowing down but hackers can make it so elegant that you won’t even notice,” he told The Star in an interview.
Fong demonstrated to The Star how a hacker could steal information by setting up an “evil twin” Wi-Fi, using a laptop and naming it after a famous franchise restaurant just below his office.
Within seconds of logging in, the “hacker’s” computer began recording the activities in both devices in the experiment – recording every e-mail address, username and password that was keyed in.
The report said though the demonstration was only meant for the devices in the controlled environment of the LGMS office, three other users got connected to the dummy Wi-Fi, thinking they were linked to the franchise restaurant’s Internet, during the experiment.