Free Wi-Fi can prove costly for users
The next time you hook on to a free Wi-Fi network with your phone at your favourite cafe, beware: Hackers could latch onto your phone's signal to break in.
Smartphones have a preferred network list of Wi-Fi points that they can connect to automatically.
Information on this list is transmitted and sent out as signals when the connection is taking place, and a person who has specialised tools and knowledge can intercept the transmission and eavesdrop on this list. With this, that person can then break into a phone and steal data.
That was what cyber security analyst and penetration tester Daniel Cuthbert did while sitting in at the keynote address at the information security conference Black Hat Asia held in Singapore recently. Hackers can get details on where you work or which coffee shop you frequent, based on the network name.
Mr Cuthbert, who is chief operating officer of security consultancy SensePost, said: "If I want to stalk somebody and learn their pattern of behaviour, I can."
He was one of 43 speakers at the conference, which gathered about 500 attendees. The conference was aimed at discussing emerging cyber threats and finding ways to improve security.
Cyber security has become a key concern for Singapore, in the light of the rising number of hacking cases and security leaks, leading to efforts like the Cyber Security Agency being launched today.
Presenters at the conference showed how easy it is to hack into mobile phones and devices. Among other things, hackers can hack into mobile phones, sell and share credit card information, or even disable a car as it is moving.
Freelance systems developer Eric Evenchick, 24, showed how a car can be controlled by plugging a USB tool he designed into the diagnostic port under the dashboard.
It allows a user to access a car's controller area network, and he can then control anything from the headlights to the windows to even the brakes. And "spamming" the car's electronics with data can cause its system to shut down from being overwhelmed.
Mr Evenchick said: "Automobile manufacturers didn't really expect people plugging into their systems. But with more cars being able to connect to the Internet, it exposes a whole bunch of functionalities the automobile folks never really secured."
While such vulnerabilities are being exposed at hacker conferences to jolt developers into improving their systems' security, Mr Cuthbert said users can and should take precautions as well. "There needs to be greater user awareness. For example, we need to stop being so trusting when it comes to wireless networks."