Tuesday, 18 October 2016 00:25

In-flight Wi-Fi: latest attack vector for cyber theft requires VPN protection


With Australia’s two major airlines, Qantas and Virgin Australia, soon set to offer in-flight Wi-Fi, this is a timely warning to protect yourself with a VPN.

It’s getting to the point that using VPN 100% of the time is required to shield yourself from mandatory metadata retention laws, telcos, governments, cyber criminals, ISPs and anyone else.

Now comes the warning that in-flight Wi-Fi is yet another place you can expect to be attacked, snooped upon and spoofed, with inflight Wi-Fi already in use in the US for years and already offered by 52 airlines worldwide.

In 2017, Wi-Fi laggards Qantas and Virgin Australia will offer in-flight Wi-Fi as reported in iTWire here

But Australians who have travelled overseas, or anyone from anywhere who has travelled on a flight offering Wi-Fi is at risk, according to common sense, security experts and also the people at NordVPN

Naturally, NordVPN wants to promote its VPN services for all circumstances, and has provided some interesting information in an attempt to get some publicity, which in this case, has succeeded.

The company notes that "the prevalence of US in-flight Wi-Fi alone has grown 1600-fold since 2013", and notes that, in the US, inflight Wi-Fi is "dominated by Gogo, while its two main competitors, ViaSat and GEE, use satellites exclusively for airlines such as JetBlue and Southwest".

Horrifyingly for anyone interested in actual security, NordVPN reminds us that "there's no password protection on the Wi-Fi connection, so anyone can intercept all data that's being transmitted on the wireless network".

Thus, while it’s great to go online while you are in the sky, "connecting to Gogo or other providers might mean you are giving your private data away to cybercriminals".

Indeed, NordVPN states that "airplanes are unique hacking grounds­ more dangerous than airports or coffee shops, as they cram passengers in one small space for hours. This gives plenty of time and opportunity for hackers to access all data that's being transmitted over open networks. Passengers who do online banking, shopping or business emailing are especially vulnerable to identity and data theft".

The company also warns of hacking devices, such as the Wi-Fi Pineapple, which "are accessible to anyone and are particularly dangerous on flights. The Pineapple, which is small enough to be stored in someone’s carry-on, pretends to be a Wi-Fi connection so when a user connects to it, they are actually connecting to a hacking device.’

How can airplane passengers protect their data and securely connect to the Internet?

First, NordVPN notes that "a traveller gets to designate the Wi-Fi network as Home, Work or Public", which is true of Windows 7. But I don’t remember if Windows 8 or 10 still makes such designations.

In any case, NornVPN states that choosing "Public" is the best option, and while NordVPN doesn’t state it, this option offers very minimal protection against smart hackers.

Then there’s the warning "to make sure you are connecting to the Wi-Fi network offered on the flight, and not a look-a-like network with a similar-sounding name that might be spoofed".

However, as you’d expect NordVPN to state, "the best and most effective way for any traveller to protect their data is to use a VPN". 

NordVPN tells us that "a professional VPN service encrypts all the traffic flow between the Internet and a device and helps hide an IP address. If you are a beginner, it’s best to choose a VPN that’s user-friendly".

Naturally, NordVPN bills itself as very user-friendly, and various other VPN companies make similar claims, so be sure to do your own homework on which one you think is the best for you.

That said, I’ll let NordVPN have its desired plug, which is that it has "has recently launched new Mac, Android and iOS apps (with a redesigned Windows app on the way) geared towards the everyday Internet user".

Once you’ve started the NordVPN app and have logged in with your username and password after purchasing access to the NordVPN service, you press or click the "ON button" you’ll see in the app.

The app will then choose the fastest server to connect to, in a country of your choice.

As is the case with VPN software, "that’s all it takes to hide your IP address and to start safe browsing".

Unsurprisingly, NordVPN warns users to "beware of free VPN service providers that typically rely on third party advertisers to cover the costs. Often, they are free proxy services, marketed as VPNs, when in fact proxies are not encrypted (they just change your IP address, but do not hide/encrypt it)".

Free VPN services may also be being run by hackers themselves or other nefarious agents.

Nord states: "VPNs are becoming essential in the world of tightening online security, and soon using a VPN will be as common as going online. Unfortunately, some in-flight networks cut back on security and block VPNs, but in most cases users have no obstacles for using Virtual Private Networks".

Nord also advises that "besides using a VPN, travellers should use antivirus, firewall and anti-spyware and automatically update their software" which is definitely good advice.

Of course, NordVPN has a coupon to tempt you into buying its service, with the pretext that October is "Cyber Security Awareness month".

Nord’s deal is to offer "70% off its yearly fee during the month of October. Simply go to NordVPN, choose the yearly plan, and enter 'CyberAware’ coupon code at the checkout".

More at NordVPN’s site here

Nord Wi Fi Airplane


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Alex Zaharov-Reutt

One of Australia’s best-known technology journalists and consumer tech experts, Alex has appeared in his capacity as technology expert on all of Australia’s free-to-air and pay TV networks on all the major news and current affairs programs, on commercial and public radio, and technology, lifestyle and reality TV shows. Visit Alex at Twitter here.



Recent Comments