In James Bond films, the eponymous Mr. Bond gets to do all the heavy lifting; he’s the protagonist. While ‘Q’, the head of the research and development wing of the British Secret Service is a side-kick, who facilitates James’ heroics by supplying cool cars and handy gadgets. But it won’t be surprising if Q becomes the lead of future Bond movies considering how a major chunk of today’s espionage is happening online. The latest instance is of a Russian group named APT28 using hotel Wi-Fi to steal data.
Q (left) and James Bond (right) in Skyfall. Image credit: Sony Pictures Entertainment
According to a cyber security firm named FireEye, the APT28, uses software like Eternal Blue and Responder to carry out its attacks. With the help of these software programs, devices of travelers who use hotel Wi-Fi are hacked and passwords are obtained from them. These passwords are then used to breach the security of the internal networks of the organizations which these individuals work for or own.
It is to be noted that the Eternal Blue which is said to have been leaked from the U.S. National Security Agency, was also used in the recent WannaCry and NotPetya onslaughts.
The APT28, also known as Fancy Bear, has always been involved in politically motivated hacking activities, most notably, the DNC e-mail leak which happened before the 2016 U.S. presidential elections. Though there are allegations that this group is working for the Russian government, the country has denied these accusations.
This is not the first time public Wi-Fi is being used to abstract sensitive information. A South Korean group named 'Darkhotel' and Israeli intelligence agencies too are known for using hotel Wi-Fi to extract details about nuclear weapons.
Therefore, whenever you're traveling, it would be wise to spend some extra bucks on mobile data rather than using hotel Wi-Fi, to prevent your smartphone from being the gateway to cyber strikes carried out targeting your organization or country.