Wi-Fi ombord - Du kan bli hacket

In-flight airplane Wi-Fi is vulnerable to hackers: Reports
Wi-Fi in the sky isn't a vague thought any more. As in-flight airplane Wi-Fi becomes more of a commonplace, the risk of cyber-criminals targeting unsuspecting travellers is even more.

With so many passengers crammed up into one system, it is no less than a hackers paradise. Routehappy, a service known to rank flight amenities revealed earlier this year that passengers on US airlines now have a 2/3 chance of getting in-flight Wi-Fi on all the miles they fly.

The report adds that domestic in-flight Wi-Fi has grown 1,600-fold since July 2013, and the expansion is obviously driven by consumer demand. While travellers look to satiate their Internet needs even while travelling, some malicious minds are working to hack into their accounts.

"If you pay bills, write work emails, or shop online, a hacker with only modest skills has a chance of getting your data," points out VentureBeat.

According to the report, one of the common mistakes by people is terming the Wi-Fi network as 'Home' when they are asked if it is a Home, Work or Public connection. Users choosing Home tell their computer that the files can be shared with everyone on the Wi-Fi network.

This doesn't mean those choosing Public option is safe. "Commercially available hacking devices, like the WiFi Pineapple, are particularly dangerous on flights. The Pineapple pretends to be a home Wi-Fi gateway as it connects unsuspecting users to airline Wi-Fi. This allows the Pineapple hacker to snoop on browsing activity and access files on the computer. The Pineapple could operate in overhead storage, unbeknownst to passengers," the report further adds.

There are monitoring options to detect malicious behaviour using Silver Tail, FireEye or other such products, but that would mean making in-flight Wi-Fi more expensive. The report does mention some preventive measures such as need to configure in-flight routers to block peer-to-peer (P2P) traffic, use of VPN connection and file-based encryption for work emails, and so on.