Skip to content
ALL

Can your attendees be hacked through the wifi network of your event?

Can your attendees be hacked through the wifi network of your event?

Share news

2 min. de lectura

Listen

eventoplus
What is ‘NetZero Events’, the international commitment of the MICE industry? What do ChatGPT and artificial intelligence for events mean? Companies still far from defining sustainability targets in MICE
Imagine 1,200 of your attendees connect to a malicious wifi network, thereby letting cybercriminals know their identity, see the files they send, or even enter their computers, taking control of it. What impact would this have on the company? How much money will the company have lost?

This is just what security company Avast has shown in the recent American Democratic Convention. Avast put free Wi-Fi hotspots at the convention, to see if people would connect and open their computers. 1,200 did! Imagine the potential impact…

Attendees visiting an event are varied, their profiles may be senior managers, department heads, workers… They all come with devices containing personal information, both personal and professional. Very valuable for those who negotiate on third-party data, and extort this information.

The attacker runs an ‘exploit’ to sneak into the device, once inside, infects it with insertion of malware, or a rootkit that can put the device in the control of unwanted hands, or copy data from the device and leave no trace .

How does it work in practice? Enbex Benito Romero explains: one of the most common attacks of cybercriminals is to create in your event a free wifi network with a standard network name so that the user does not suspect (eg the name of the event). Once your attendee is connected to these networks, he opens his device to the owner of that connection, who can see the device’s contacts, photos, saved passwords… and all the files.

Attendees can also be redirected to a page that has the same look and feel as one they know, which also allows another variety of “hacking” phishing. For example, the hacker can set up a page that has the look and feel of the intranet of the company or the website of the bank, and when “the victim” tries to enter the fake page, the pirate will get the username and password, which will use the data obtained.

The solution: monitor and be very careful.

Enbex tells us that they provide the wifi service in Cybercamp, cybersecurity event. One attack among many others, there, was to create wireless networks without a password. Enbex, which as several wireless companies, provides a monitoring service security, had to cancel the pirate wireless network using geo positioning techniques, locating the point and overriding the wireless network.

Besides the risk of free open network, your network can also be attacked, especially if your event is sensitive. Establish a monitoring system is important to prevent it, to see if there are attempts to get into computers of participants.

Being more sophisticated, other solutions are to have a insolation solution for the network and segment the networks, which allows devices connected to the same network to not see each other. This means having a specific hardware, high-end system with encryption.

If there is a device we believe has been hacked, it notifies the organizer who will notify the user and take preventive measures (password change, analysis of the device…). 

One last reminder: only companies registered in the CNMC (national commission of markets and competition) and registered in the Ministry of Industry and Radiocommunications can offer a wifi service.

Related news.

See all news
Eventoplus