ThreatList: A Ranking of Airports By Riskiest WiFi Networks

Airport TSA agents don’t check terminals for insecure WiFi networks, so stay on your toes when using hotspots at these airports.

With time to spare at an airport, fliers don’t think twice about cracking open their laptops and taking advantage of one of many free WiFi hotspots. But they should, warns Coronet.

Coronet, which sells wireless network security products, recently published its list of best and worst airport WiFi offerings here in the United States when it comes to security. According to a study of 45 of the busiest U.S. airports, San Diego International Airport has the riskiest WiFi hotspots. The least vulnerable is Chicago Midway International Airport.

“Unfortunately, WiFi security is often sacrificed by airport operators in exchange for consumer convenience, leaving networks unencrypted, unsecured or improperly configured,” notes the study (PDF). “Even for those airports that do prioritize security, attack techniques such as the Key Reinstallation Attack (KRACK), which can break the WPA2 protocol to capture and/ or expose information shared over public and private WiFi, presents significant risk to passengers in transit.”

Network risk scores were based on the probability of an attacker on a network.

The most troublesome issues found at airports included a WiFi network named “SouthwestWiFi,” which performed an attack on SSL/HTTPS traffic at the Houston William Hobby International Airport.

“An Evil Twin WiFi access point with the name ‘#SANfreewifi’ was used at the San Diego international airport, running an ARP Poisoning attack,” according to the report.

What follows is a list of both the least vulnerable and most vulnerable airports. The higher the “threat index score” the riskier the airport.

Suggested articles