Drone that hacks devices coming to Scottish Security Conference
SCOTLAND is for the first time set to welcome an aerial drone with the ability to hack the mobile devices of unwitting users.
Named ‘Snoopy’, the drone will be unveiled on March 9 at a landmark conference on cyber security, where it will take part in active demonstrations to showcase how it can be used to steal data – which could include anything from home addresses to bank details.
Snoopy and its creator, Glenn Wilkinson, are to be welcomed by the Scottish Business Resilience Centre (SBRC), ahead of the national conference, Trading Securely for Business, which is being billed as the most comprehensive cyber security event ever to take place in Scotland.
The SBRC, which is the business delivery arm for the Scottish Government and Police Scotland, is placing an extra focus on the safe use of mobile devices, which criminals are increasingly targeting with a variety of devious techniques.
Glenn Wilkinson, Senior Security Analyst and Ethical Hacker at SensePost, a multinational security firm, believes that everyday use of Wi-Fi enabled devices can create a host of opportunities for unscrupulous e-criminals.
He said: “The snoopy drone is able to hack devices which are constantly searching for Wi-Fi by duping them into connecting to the snoopy device.
“It is relatively simple software used by criminals worldwide – and it highlights an important point that we must make sure devices don’t constantly search for Wi-Fi when it is not necessary or we can’t be certain of what it is we are connecting to.
“The concerning thing is that it is increasingly the case that every device we carry emits unique signatures – and even pacemakers come with Wi-Fi today, what a bad idea!”
The technology targets mobile users with Wi-Fi running on their device, seeking an open connection. These can frequently be disguised as recognised Wi-Fi networks i.e Costa Coffee or BT Openzone.
This allows the Snoopy Drone to pick up information such as geo data (shows where you are and where you’ve been), passwords and banking information stored, as well as any photos or files stored on your phone.
A similar demonstration at a conference in America witnessed over 5,000 devices picked up by a single drone.
SBRC Director, Mandy Haeburn-Little, said that while so many people are dependent on working from Wi-Fi to save costs on data, this is one of the threats that they need to be aware of.
Mandy said: “We are here to keep businesses up to speed with emerging threats and this is all about giving business the information it needs to keep their own data and that of the organisation safe.
“This is the first time that the Snoopy Drone is to visit Scotland. This visit will be a friendly one, but the software used and the methods being demonstrated are already available for anyone on the internet to make use of, for nefarious means.”
Mandy added: “Cyber crime can at times appear to be an unwinnable battle, but the reality is that often small steps can make a huge difference in limiting the likelihood or impact of an attack.
“This upcoming conference is hugely exciting. It will be the strongest ever gathering of global experts on the subject in one room, to discuss practical advice for any interested party.”
Mandy suggests that individuals follow these three top tips for keeping your devices secure.
- Never leave the Wi-Fi settings on your device set to automatically connect to networks. This works in the background of your phone and is a security risk.
- Always check with the Wi-Fi provider as to what their network name is, including whether characters are uppercase or lowercase.
- If using Wi-Fi in a public place, ensure that necessary precautions are taken when browsing the internet i.e. Firewalls & anti-virus software
Hosted by the SBRC, the conference, taking place at the National Museums in Edinburgh, will feature talks from global industry experts, examples of leading tech products along with dramatic demonstrations to highlight the battle that is being waged against all forms of e-crime.
The Trading Securely for Business conference will feature live demonstrations from tech industry experts at Sophos, Rosberg and SensePost, as well as the SBRC’s own crack team of Ethical Hackers – who routinely highlight weaknesses in business’s networks – allowing them to address and limit the risk of a criminal attack.