European Parliament Hit By Man-In-The-Middle Wi-Fi Attack

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Public Wi-FI at the EU body shut down after attacks detected

The European Parliament has shut off its public Wi-Fi after it detected man-in-the-middle attacks scooping up users’ smartphone communications.

In a notice to workers, the European Parliament said people’s inboxes may have been compromised. Affected users have been contacted and told to change their passwords.

EU, Europe © Virginija Valatkiene Shutterstock 2012

The body has also offered software certificates to users, allowing them to securely access the private European Parliament Wi-Fi network.

MITM attack on European Parliament

Man-in-the-middle (MITM) attacks see attackers sit on the same network as targets, sniffing traffic using tools like Wireshark. Hackers can then determine what software users are running to target vulnerabilities on victims’ devices, potentially allowing them to compromise phones.

“On the medium term the Parliament will take additional measures to further secure the communication to the Parliament,” a notice from the body read.

“This kind of attack can be performed at any place where you are connecting through a Wi-Fi network (hotel lobby, airport, train station, etc.) and it is therefore important that you only accept to connect through known secure Wi-Fi networks.”

A spokesperson from the European Parliament said the attack had taken place and that mailboxes of some MEPs and staff had been compromised.

“The Parliament’s internal IT systems were not hacked… The IT services are currently looking into which measures can further enhance the security of using a public Wi-Fi network for MEPs and staff,” the spokesperson said, in an SMS message sent to TechWeekEurope.

European bodies have been caught up in the Edward Snowden leaks, which revealed attacks on European Union offices and on telecoms supplier Belgacom from the US National Security Agency (NSA) and Britain’s GDCHQ

The European Parliament is carrying out an in-depth inquiry into the alleged widespread surveillance.

Jason Steer, EMEA product manager at security firm FireEye, said attacks over public Wi-FI were “a pretty common attack vector today”. “MITM attacks are becoming more and more popular to harvest user details,” Steer told TechWeekEurope.

“Putting up a free Wi-Fi spot today outside a coffee shop would quickly show people are happy to use any network, secure or not.

“We see cases every week of user credentials harvested using techniques as simple as this to begin the process of social engineering people and then attacks begin.”

Shhh!  Don’t look at our quiz on Whistleblowers and leaks!