Weird Security Term of the Week: "Snarfing"

The Problem: You’ve just spent 36 hours traveling for work and finally arrived at your hotel. After finally relaxing a bit, you want to logon via the hotel’s secure Wi-Fi and check your email, check out the news and watch some Netflix. After powering up the laptop, you discover the name of the Wi-Fi access point but notice that there are several with the same name. They all look secure, so you believe that they are all the same and pick one at random and connect. After opening your web browser, you are redirected to a login page and give the access credentials that you were provided at the front desk. They are accepted with no problem, so you start checking your company email and check out a few sensitive documents that you were sent from the main office that they need your approval on. After reviewing and making some notes, you send them back and start watching a TV show that you’ve been catching up on and try not to think about work for a while. Several days later, its discovered that the document you had sent out was posted to a file sharing site and now your competitors have announced versions of your products that are near clones.
“Snarfing” is the action of grabbing data and using it without the owner’s consent. In the example shown above, a false access point is created that strongly emulates the legitimate access point. The user connects to this rogue access point, and provides their credentials which are then copied and passed along to the legitimate access point. After that, every website that the user goes to can be tracked and files or credentials can be caught as they are downloaded or uploaded if they are unprotected.

The Solution: While there are dozens of different ways that snarfing can occur, the example that we are reviewing today has very specific defenses that can be used to prevent this method of attack.

Solution the First: Do not use untrusted Wi-Fi networks

It can be very tempting when you don’t have a large data plan to use free Wi-Fi at places like Starbucks or hotels. However, these locations can be magnets for specific people – The more expensive the hotel, the more likely it is that the person that is going to be staying there has information that would be worth a significant amount of money. Therefore, if you are going to a location that you do not know for a certainty that the network is trusted and secure- don’t connect to it.

Solution the Second: Use a portable hotspot

When you have a smartphone on you and a reasonable amount of data on your plan (and assuming your cellular provider allows it), you can enable a ‘portable hotspot’ on your mobile device- essentially turning your phone into a mobile access point. Mobile data connections are quite secure under most circumstances, and this can be a very useful method to access data without potentially disastrous consequences. Please keep in mind that you’ll want to make sure that you have reasonable protection on your mobile- anti-virus and anti-malware protection for example- but the items listening on the wire on that connection can be trusted more than an unknown wireless connection.

Solution the Third: Use an in-room Ethernet jack

While most hotels have opted to only use Wi-Fi, many others still have network jacks on their desks in rooms. Due to the way that modern wired networks function, it is far more difficult for a malicious user to create a quick-and-dirty method to falsify this type of connection. Additionally, because each connection in a wired switched network is independent- it is more difficult for a malicious user to monitor traffic without having compromised the network itself. It is not impossible, but requires direct access to the hotel’s network infrastructure- something most users will not have access to.

Honorable Mention: Use a VPN connection

Snarfing as a whole can be a difficult problem to solve, due to the way that Wireless technology functions. However, it is possible to reduce the chances of your being compromised in this way by only connecting to known trusted networks. This means turning off automatic connection to any open wireless access point on your mobile. It means using your mobile data more often when you are not at home or work, but it also means that you aren’t exposed to potentially compromised networks, and that can make all the difference in the world.