Live event in Newcastle illustrates how unsecure networks allow data theft via devices as small as a handbag; Purple calls for an end to the “shared password” era.
Purple, the global leader in guest WiFi, has issued a call for heightened digital caution following a live demonstration that revealed how easily hackers can exploit insecure business WiFi networks to steal sensitive data.
The event, held on the 17th of March in Newcastle, proved that the biggest threat to business security isn’t necessarily a sophisticated cyber-attack, but rather the basic vulnerabilities found in everyday WiFi setups. During the session, cybersecurity expert Eliza May Austin performed a live “evil portal” demonstration, using a device small enough to fit inside a handbag to intercept traffic and clone a network in seconds.
The demonstration highlighted that when a network is not properly secured, it takes very little effort for a bad actor to sit in plain sightโbe it a coffee shop, hotel, or officeโand capture user credentials, login details, and personal information.
For many businesses, the use of shared passwords or running guest WiFi on the same network as Point of Sale (POS) and internal systems remains a common but dangerous practice. The panel, featuring Purple CEO Gavin Wheeldon and Alex Craig, a Partner at Muckle LLP, discussed how these unsecured environments create an open door for data theft and leave businesses struggling to meet legal obligations under GDPR and the Investigatory Powers Act (RIPA).
โWhen you think, ‘no one gives a s*** about me, I’m just a little company,’ trust meโthey do,โ said Gavin Wheeldon, CEO of Purple. โYou are a much easier target than whoever your customers are. Our focus is on identityโmoving toward a passwordless future where security is automated and the ‘human element,’ which is often the weakest link, is removed entirely.โ
Key insights from the session included:
- A live look at how unsecure networks allow hackers to use inconspicuous, portable tools to clone a legitimate WiFi network (SSID) and harvest data from unsuspecting users.
- Why running critical business operations, such as POS systems, on a network shared with guests creates a high-risk entry point for attackers.
- On compliance and responsibility Alex Craig of Muckle LLP explained that the responsibility to protect user data lies with the venue, noting that many current WiFi setups fail to provide the necessary oversight required by law.
- How Purpleโs “passwordless” technology eliminates the need for shared passwords, using automated certificates to ensure a secure, encrypted connection that cannot be intercepted by third parties.
To help businesses understand and close these security gaps, Purple has released the full recording of the Newcastle demonstration. The session provides a transparent look at how easily data can be compromised and offers a roadmap for moving toward a more secure, automated connectivity model.
Catch more CIO Insights:ย CIO as Orchestrator of Cross-Functional Digital Strategy
[To share your insights with us, please write toย psen@itechseries.com ]
