A key message during this campaign is “Online Crime: It's always personal”. To illustrate this message, the team behind Get Safe Online approached the Surrey Centre for Cyber Security (SCCS) led by the Department of Computer Science to provide technical and professional expertise in demonstrating how easy it would be to capture data from unsuspecting members of the public.
The result is a short video that demonstrates how, using a rogue WiFi hotspot, it is readily possible to capture and use such information as passwords and even credit card details. Fortunately, there was no ill-intent and data captured this way was suitably deleted – however, those whose data is was may well think twice before conducting similar activities in public locations in future.
Get Safe Online is now trending on social media (@GetSafeOnline), and the video can be viewed at: https://www.getsafeonline.org/protecting-yourself/getsafeonlineweek2015/
Dr Chris Culnane (playing ‘Chris Hacker’ in the video), a Research Fellow of the Department, created and executed the attack. He and Dr Anna Vartapetiance, another member of the Department's research staff, were both on hand during the day of recording to assist and explain.
Prof Steve Schneider, Associate Dean (Research and Enterprise) of the Faculty of Engineering and Physical Sciences (FEPS) and Director of SCCS, commented: “We are proud to be working with Get Safe Online to provide a concrete demonstration of how readily people’s personal data can be captured and could subsequently be used for other purposes. Having somebody show you what they’ve been able to see you doing online seems to carry a much bigger impact than simply discussing the risks, and hopefully this helps to propagate the message”.