Hackers Access Bank Accounts, Passports and Personal Information from Superyacht Guests and Crew!
It could happen. Did you know that a yacht in port can leave everyone on board vulnerable to data theft via their Wi-Fi connections? And the hackers don’t need to be geniuses with high-tech systems to wreak havoc with the cyber-lives of everyone on board.
But how is this possible? Don’t Wi-Fi set-ups on vessels have built-in security systems to prevent access from outside parties? They may, but Wi-Fi connections outside of the vessel could allow the bad guys in.
Here’s a common scenario: a superyacht docks in a port for several days with guests and crew on board, most of whom have multiple wireless-enabled devices, such as smart phones, computers and tablets. Like most of us, they use these devices to complete all banking, purchasing and record-storing activities necessary in their lives.
While in port, the devices automatically seek out a wireless connection to the port’s Wi-Fi. That’s where the security breech and opportunity for data theft comes in. A bad guy hanging out in the port area turns on his laptop computer connected to a small electronic device. The device creates a fake Wi-Fi connection mimicking the name of the marina’s connection in an attempt to lure in unsuspecting users.
Some people on board the superyacht and elsewhere in the vicinity, thinking the Wi-Fi connection belongs to the port, may connect to the fake port Wi-Fi. If they do, communications from their smart phones, computers, and tablets starts streaming across the bad guys’ laptop screen. That’s ALL communications, which could include passwords, bank account numbers and other financial information.
Does this scenario sound far-fetched? Hardly. Hacks like this happen every day in coffee houses and other public places around the world. And with the proliferation of data being transmitted digitally and our reliance on Internet-enabled devices, hacking attempts will only become more common.
So what can you do to keep your data and those of your guests and crew safe? Here are four ideas that will help:
1. Make sure you verify the network name EXACTLY.
In the scenario above, I describe the “bad guys” diverting Wi-Fi users to a disguised wireless connection with a similar name to the legitimate Wi-Fi connection at the port.
One of the reasons why this scam works is that the spurious Wi-Fi connection works just like any other connection. So users have no idea their information is being viewed by interlopers as they write emails, enter passwords and access bank accounts.
But by verifying that the Wi-Fi network name that you see in your Wi-Fi menu EXACTLY matches the port’s network name, you might be able to avoid this type of hack. And if you have any doubts, DON’T CONNECT to the network!
2. Use encrypted sites.
You’ve probably heard this before, but what exactly is an encrypted site and how can it help? According to TechTarget.com, “Encryption is the conversion of data into a form, called a cipher text that cannot be easily understood by unauthorized people.” Encryption basically turns the data into a bunch of symbols that have no meaning to anyone without the encryption code.
When a site is encrypted, the URL bar displays an “https” address. The “s” in the https shows that SSL (Secure Sockets Layer) encryption is active on the page. When SSL is active, your browser will also show a padlock icon in the address bar.
The best part is that when you use sites with SSL encryption, all information you send and receive will appear garbled to unauthorized people trying to view your data. So by using encrypted sites, you are effectively barring the door to would-be hackers.
Just so you know, most financial institutions and some communication sites like Gmail, Facebook and Twitter use encryption. But make sure that any e-commerce site you use is also encrypted. And don’t use a site if your browser notifies you that a site has an “untrusted” security certificate.
3. Update your software whenever updates are available.
Software, including your operating system and web browser, is constantly being upgraded to improve data security. Software companies are doing what they can to protect our privacy and our data, but they can’t (unless they are Apple) force the upgrades on us. So it’s up to each of us to be proactive and make sure all our devices are running the latest, safest versions of each program.
4. Use a VPN service.
If you don’t want to worry if the sites or mobile apps you use are encrypted, you can use a VPN (virtual private network) service. Here’s a simplified description of how it works: a VPN service encrypts your communications and then routes them through a computer server controlled by your VPN company. After leaving the VPN server, your communication continues on to the World Wide Web. This is known as “tunneling” because data packets are encapsulated on the sending end, transmitted between the VPN client and server, and then de-encapsulated on the receiving end.
If you use a VPN service, the bad guys trying to snoop on the Wi-Fi network in the scenario above will just see garbled data passing between your device and the VPN server. Because the VPN server acts as a middleman, they also won’t be able to identify your device’s location.
Do you need some help with your yacht Internet security?
The Technology Team at Great Circle Systems can set up on board and shore side systems designed to keep your data safe from hackers. We can provide a VPN service for your vessel, help you keep your software current, and even train your crew in data security best practices.
Want to know more about how an improved superyacht internet and Wi-Fi set-up can help you? Read
Want to know more? Just click on the picture below to get started.
photo credit: bre pettis via photopin cc
photo credit: kryptyk via photopin cc