Fears of widespread use of unmanned aircraft to infringe upon on our privacy have gotten worse since it was revealed that the drones can be used to hack all of our personal data from our smartphones. Hackers have managed to steal passwords, usernames, band details and even home addresses from the smartphones of unsuspecting victims.
The exercise, which sounds like the ultimate cyber crime, was actually an experiment used to show how drone technology can be used to hack into a smartphone via WiFi and steal personal information. This test was conducted in London and the findings will be shared by the group of hackers at the Black Hat Asia cybersecurity conference in Singapore next week.
The drone used in the demostration is called Snoopy and it works by using a phone’s built-in technology to see which WiFi networks it has connected to in the past. Theoretically, this method can be used with any of the current drones in service. When a phone’s WiFi is on, it is constantly searching for a secure network to access. Snoopy takes advantage of this and provides the phone with a connection whereafter it has access to all the data sent and received by the victim’s smartphone. Websites visited, credit card information, location, usernames, passwords all become available to the hackers who demonstrated their experiment in London with CNN. The hackers hacked 150 phones in one hour.
In the wrong hands, this technology can leave people with empty accounts and completely vulnerable in the virtual world. The key is to access the Media Access Control (MAC) address which is unique for every device that is connected to the Internet. Once they have that number, they have open access to the device.The hackers say they are using this experiment to educate people on how vulnerable they are when their phones are left with the WiFi on and they are unaware that they are not connected to a known network.
The technology can be used for good also, as law enforcement officials can use it to track down criminals and access their metadata. Users need not to be terrified by this new development as they can simply turn their WiFi off when in public places and only use trusted networks and hotspots to access sensitive personal data.