Skip to content ↓ | Skip to navigation ↓

As part of a security awareness campaign, a seven-year-old girl was able to successfully hack a public WiFi hotspot in 10 minutes and 54 seconds.

Seven-year-old Betsy Davis entered into the ethical hacking demo, meaning that a security expert supervised the entirety of the experiment, with only her laptop. She was then able to find out how to hack the controlled environment’s public WiFi using basic web searches.

Among other things, her searches yielded more than 11 million results on Google, as well as nearly 14,000 video tutorials on YouTube.

Using one of those tutorials, Davis was able to set up a rogue access point for a Man-in-the-Middle (MitM) attack, which allowed her to steal data from other computers accessing the network.

She completed her attack in just under 11 minutes.

“The results of this experiment are worrying but not entirely surprising,” said Marcus Dempsey, the security expert who oversaw the experiment. “Adults need to get their heads around online security basics – and stick to them whenever they connect to an unsecure network.”

The experiment was carried out by VPN provider www.hidemyass.com, which is seeking to bring attention to the dangers of users accessing any one of the 270,000 public hotspots available in Britain.

According to follow-up survey, a majority of British online users (59%) regularly access unsecured public WiFi hotspots, with one in five using them at least once a week. 31% of users transmit emails and personal documents on those networks, and 19 percent access them for personal banking.

Betsy Davis is the latest example of how children can foster a broader understanding of information security and cyber threats.

 
Back in October of 2014, Tripwire interviewed Reuben Paul, another influential child in the field of security, who is CEO of his own company and regularly speaks at a variety of high-profile security conferences.

You can view an interview with Reuben here.

Endpoint Detection & Response For Dummies
  • Desaber

    The lack of knowledge and disinformation surrounding security in general whether consumer or organization are a major problem just addressing consumer/public safety. The administration of the public wireless is also responsible. Improperly patched and administered network gear on its own can make these types of excersizes easy. Even more so if the security on the WiFi connection is questionable. To many times I have been told that they guessed a public wifi 's password. Let's be honest if Web was being used a knowledgeable individual will be on board in under a minute.

    I feel this article also stresses the danger of unintentional and curios script kitties.

  • Al Bino

    I think this is bogus. It seems like a publicity stunt to gain visibility for the company. If this is true, let's see a walk-through of this child getting to the point where she is able to perform these activities. One keeps reading that it happened, but no one seems to have seen it happen.

  • Peregrine

    Whether this particular incident did happen does not matter. What's more important is, "Can this really happen?" The answer is yes. There is no doubt a skilled individual can intercept data from public unsecured Wi-Fi connections.

    Whether data is intercepted by a skilled professional or a seven year old doing a few Google searches is not relevant. What's relevant is that data is being intercepted. Hence the need for security awareness.

  • I think this is bogus. It seems like a publicity stunt to gain visibility for the company.

  • Lol.. thats why i always perform my internet activities under my PureVPN account, so i can protect my personal information from these kinda hackers

  • Wow That,s Amazing 7 Year old girl hacked Public wifi it show,s us that we are still not Secured

  • Sorenson

    That’s why I am against using public WiFi without a VPN. I use Ivacy VPN to make my data secure and activities hidden.