Often, when we think of hackers, massive-scale data breaches and attacks against enterprise organizations, such as Equifax, comes to mind. What we don’t think about and should, is the hacker-next-door. Whether you are working from home, at a coffee shop, or hotel, your data may be at risk and the threat isn’t necessarily from across the globe – it could be the person sitting next to you. Here are some examples of just how easy it can happen and a few scenarios to be aware of in order to better protect yourself.
Forget the Hacker Stereotype
As many cybersecurity experts will tell you, hackers do not all fit the stereotype. About a decade ago, the most common types of attacks were from someone known to the organization such as staff or contractors with privileged access to sensitive applications or passwords. The hacker that maybe accessing or stealing sensitive data from your organization could be the person that you routinely take coffee breaks with or see on your weekly Zoom calls. Often, that ‘hacker’ never had any intention of becoming a hacker but may have stumbled across something that seemed intriguing and temptation ended up getting the best of them. What could cause a co-worker or neighbor to become a hacker-wannabe and how do they manage to access critical corporate systems? It is easier and still happens more often than you think.
Hacker-Next-Door: Employee Turned Script Kiddie
Here’s an all too common example – an employee notices a file or workstation on the corporate network entitled ‘Payroll’ or ‘Employee Performance Reviews’ and they want to take a peek, however it is password protected. The employee then turns to a search engine to try and discover the most common passwords used. (When an ‘amateur’ attempt into a target system via using default lists of known and privileged passwords, they are dubbed a ‘script kiddie’). If that employee can enter the target system, suddenly they have access to a wealth of sensitive data and may also use their hacked access to cause disruption to business operations, such as changing passwords, deleting important data, modifying administrator access rights, and so on.
Hacker-Next-Door: The Unassuming Professional
Hotels and coffee shops are hacker-next-door havens. Often, this is because they keep their Wi-Fi easily accessible for the convenience of their patrons.
If you’re catching up on work in the busy hotel lobby or neighborhood coffee shop, you may be at risk. Here is a scenario that has probably happened to you before – a businessman at another table walks over and asks if the seat next to you is taken and if not, if they could sit for a little while so they can plug their device into the wall outlet to recharge. While it seems innocent enough, it could be a hacker trying to steal your information.
In places like hotels or cafes, hackers can use a little device called a ‘pineapple’ which is a small black box the size of a package of gum with two antennas on the top to spy on your computer. This gadget only costs a couple of hundred dollars and can imitate the signal of the Wi-Fi network that you are trying to join, so unknowingly you are using the hacker’s internet service and not the one you intended to. Often, the imposter Wi-Fi can be stronger than the actual hotel or cafe system and people falsely assume that it is a genuine internet source. Once you have accidentally logged to the hacker’s Wi-Fi, every move you are making on your device is being spied on and tracked as they harvest your login details, passwords, and more. Any action you are taking, like entering a credit card number to pay a bill, is being captured and can later be used by the hacker. Hackers can also access all of your contacts when spying on your device. This information is then commonly used for hackers to target your contacts with phishing emails, posing as you in order to trick your contacts into clicking on a malicious link or attachment.
Hacker-Next-Door: You’re Not Safe at Home
If you think that with your password-protected home internet service, you’re protected from hackers, think again. Quite literally, a neighbor could be using a pineapple device with an antenna booster to access your personal network. Even if you are using a robust security system on your phones and personal laptops, many homes contain other Wi-Fi-enabled devices that are often unsecured like baby monitors or smart TVs and these can be hacked to eavesdrop on personal conversations. Or the hacker-next-door may use your Wi-Fi network to download illegal material using your equipment.
While there are a number of ways to help keep yourself and business protected against cyber threats, remembering that there could be a hacker-next-door can help you remain vigilant. Always keep a close eye on your devices and the people around you and no matter what, never share privileged information like passwords with anyone – whether it is a friend, co-worker or your boss. To stay safe, remain vigilant about security best practices and be on the lookout for the possible hacker-next-door.