Alerts related to a known public WiFi network vendor.

book

Article ID: 170792

calendar_today

Updated On:

Products

Endpoint Protection Mobile

Issue/Introduction

I’ve seen an alert related to a known public WiFi network vendor (e.g., Boingo). Is this a real incident? SEP Mobile (formerly Skycure)

Resolution

 If you received an alert then the network in question tried to decrypt the encrypted traffic coming from your device. As a result, sessions and passwords could be seen in clear text.
There are two types of threats here, and both can lead to email theft, access to other corporate resources, device lock down, user impersonation, and in some cases even phone tapping.

  • The network is legitimate, but not secure, and sensitive organizational data including passwords is sent to an external service provider in clear text. If their public routers are compromised (a very easy task), your data is at risk.
  •  Malicious groups create networks with common trusted names like Boingo, AttWiFi, etc. The attackers leverage the fact that users will auto connect, and hence will be vulnerable to attacks.

We take such threats seriously, and will continue to address them on a regular basis. One other unique advantage of SEP Mobile is to secure this communication without compromising connectivity.