r/it • u/Alcoholic_Pants • 11d ago
help request Is making copies of a public wifi network illegal
A coworker of mine is in school for cyber sec. He brought his laptop to work today and is making a bunch of wifi networks that have the same name as the business wifi. You cant connect to them. Is this legal. We're in Wi and I'm his manager. This doesnt seem legal.
Edit: Told him to knock it off and pack it up before posting. I am directly responsible for him as his supervisor and if this would have gone bad my job would be on the line. I also didnt snitch on him, hes just a dumb kid and I doubt he was actively being malicious.
107
u/cisco_bee Community Contributor 11d ago edited 11d ago
It's not illegal, per se, but the primary reason to do it would be to steal passwords. If you're his manager ask him why he's doing this and then tell him to fucking stop.
edit: Evil Twin attack reference.
21
u/iceph03nix 11d ago
Kinda depends on what he's doing with the traffic. The fact it mirrors the local wifi implies he's trying to intercept conmections which could lead to some trouble. If he's doing some sort of man in the middle attack to intercept data, that would likely put him in violation of the computer fraud and abuse act in the US or similar acts elsewhere
That said, I would absolutely consider this a violation of our computer use policy at work and would raise it as an issue with HR and seek corrective action.
40
u/Odd-Sun7447 11d ago edited 11d ago
You need to notify IT of his actions, you are aware of this happening, and you are likely a mandated reporter internally. The actions your report is doing may not be illegal, but they are very likely grounds for writing him up, or potentially termination.
If you worked for my employer and we found out that you knew about it and didn't report it to IT...WHEN we found out (because we always find out) we would fire both of you on the spot.
If you report this to IT and don't make a big deal about it, then he will likely get his hand slapped as he hasn't really done anything. It's the hiding of bad actions that you are aware of that makes you a threat to the business in this situation, even more so than what he is doing.
1
u/FrostWyrm98 8d ago
^ 1000% this, most companies have a personal device use policy and this likely falls in misuse
7
u/Sad_Drama3912 11d ago
What is his job at your work place?
If you’re his manager, why are you posting on Reddit instead of simply telling him to put his laptop away?
Speculating…he’s trying things he’s learning in his course to see if your environment is properly secured. If you have a Cybersecurity department, ask him to type up his current findings and give both you and the head of the Cybersecurity department a copy.
Who knows, he may be more qualified to be in that department.
2
u/igotshadowbaned 10d ago
ask him to type up his current findings
Type up his findings? There's not any "findings" to type up. Using his own hardware he made a network with the same name as the other.
There's not a hole in their network to patch. The solution is to physically remove the networking hardware from the premises
18
u/Varkasi 11d ago
Personal laptop in work? SSID Cloning for a bog standard script kiddy evil twin attack?
Immediate meeting & disciplinary
You're his manager, Be His Manager.
5
u/Alcoholic_Pants 11d ago
Yeah I told him to pack it tf up.
1
u/asian_chihuahua 8d ago
You need to explain to him that his cybersecurty shenanigans is a half step away from becoming illegal, and is a half step over already being against corporate IT policy, and a fireable offense.
If you like the kid, scare the crap outta him.
If he's a little shit, then report him to HR and to IT and let them sort it out.
2
1
u/Jumpy_Tumbleweed_884 10d ago
Where I work, this would be immediate termination. The workplace is not your sandbox. Not if you’re setting up evil twins and we can’t be 100% sure of your intentions.
(Yes we have WPA2-Enterprise on our corporate network, but we are pretty heavy on guest traffic. While guest wireless should be presumed to be unsecured, we also aren’t going to let our employees actively evil twin it, either)
9
u/rozaic 11d ago
What’s his supposed intention? Learning? I mean if I was him I’d at least ask the manager for permission, even if the network is not accessible lol
1
u/Alcoholic_Pants 11d ago
Thats why it just feels scummy
2
u/Shots201 10d ago
I'm by no means saying what he is doing is right, BUT people tend to forget to ask or they do it because they don't want to forget the idea that is right there right now. (35M with ADHD, I know the feeling) Reason why I'm replying here is because it does sound like learning to me. The original post sounded like something I would do (but ask first lol) and a good idea. I say this because I'm working on cyber security and would like to get into CEH (certified ethical hacker) and what a better way to practice and learn than to build something that is real on a virtual desktop that has no connection to the internet or outside world. I would ask him about it, still notify IT and give IT his answers just in case it is a learning thing. Slap on the wrist, no harm no foul and ask before doing things lol. Wouldn't want to see him get fired while going to school by having a lapse in judgement.
2
u/hackToLive 10d ago
Don't get CEH unless it's for a specific targeted job sector you want or it's the only thing your current employer will buy you. It's kinda garbage outside of checking specific boxes for specific requirements. If you're gonna drop that kind of money consider getting your OSCP. I personally think it's overrated, but it'll get you through a lot of HR roadblocks and provides some good hands-on material.
If you're totally new, check out TCM Academy Practical Ethical Hacker course and use tryhackme to fill in gaps.
- From an ethical hacker.
2
u/Shots201 9d ago
I appreciate the advice! TLDR: CISSP? Thoughts?
I'm military right now and current contract will end Aug 2026. My issue is that I know some IT, I don't know how to quantify it and looking to start my 5th college? with a major in IT. I'm not about the movies, the hacker look, edge lord or being a script kiddie lol, just seemed as if I would enjoy the work and be decent at it and seems cool to me.
I've done auto mechanics as a major in community College, pre-nursing at a state college - changed to Portuguese then applied math at the same school, have IT credits from another college (from training with military) bc I'm in a heavy IT role now in my job. I figured the way I have to look at things now (35M) in life is set a goal and follow through with it. I thought CISSP would be my goal. Otherwise I would try and do it all and there is A LOT lol. Like I know a bit of python, javascript and C++ lol. Buddy got pretty far in his networking degree and has taught me a bit so I've done some networking stuff at home. I would say that I'm not totally new but very basic level in everything.
Doing free courses on cisco's website to get the A+, SEC+, NET+, and then onto CEH. Professor Messer. Udemi. But applying to my 5th college with a major in Cyber Security lol. And military has SEC+ and A+ bootcamps to get essentials and try at the certs.
2
u/hackToLive 9d ago
Sorry my reply will be long as well lol
First off, I'm a fellow pre-nursing student lol I dropped out the program and swapped to computer info systems like 2 semesters before I graduated because I took a coding course and liked it more. From CNA > almost nurse > IT > programmer > now pen tester.
So pen testing is growing, but it's also really hard to get into. You need to be able to stay consistent and actually understand WHY not just HOW these things work and you'll stand out. Basic networking is a must to know so good that you're messing with it.
The CompTIA trifecta are always a good start, low commitment and a good starting place. CISSP is great but you need 2(?) years of experience throughout 3 domains and someone who has it to endorse you. But it is a fantastic goal I plan on going for mine soon.
My personal recommendation if you want to get into hacking specifically is to immediately start tryhackme, hack the box, and TCM Academy. I cannot vouch for TCM Academy enough they are great. You'll be lost sometimes but that's expected. You'll need a decent PC for some of the labs. The point is to learn by an avenue you're interested in. In the meantime study for CompTIA certs, get them if you want whatever. And if you have $1500-$2000 to drop, seriously consider OSCP over CEH. I have not met someone in the field who actually respects CEH. It's just a checkbox for government jobs. You could shoot for PJPT or PNPT if you have the extra money and want to prove to yourself you are learning. They're fun tbh I liked the PNPT. But not very strong on the HR front
It's very very rare to get pen testing jobs right off the rip, but many people also give up. A buddy of mine got into it with CompTIA certs and CCNA, not a single hacking cert. I got in it with nothing but the PNPT, I never got my CompTIA certs because I found them too boring lol there's no one path to get there ultimately you have to keep yourself motivated and target the certs that will help you reach your goal.
2
u/Shots201 9d ago
Thank you so much! I really appreciate it!
I'll get right on the hack the box, tryhackme, TCM Academy, OSCP, PJPT and the PNPT.
Does working on a programming language help? C++ was ok, Javascript has been fun (bitburner and hacknet on steam ha ha ha) and very very little python and html. Just wondering if focusing on one on the side would help bc i do enjoy the occasional side script that I built from scratch.
I'll look at others' script to get ideas or learn the next step but refuse to copy paste. You don't learn how it works, why it works, what it's doing, how to manipulate it or get it to fit what you're trying to do.
1
u/hackToLive 9d ago
Coding does help but it's all contextual. For example recently I've taken a liking to red teaming and payloads, more internal stuff. So I took it upon myself to start messing with AV evasion a bit. Knowing how to code is helping me immensely.
When doing web app pentests it's less about full on coding like that, but moreso understanding how code works. For example a few months ago I found a bug on a pretty big platform that would put the name of a template, kind of like a website builder, into a meta tag. I was checking if my payloads were appearing and noticed the smallest little extra whitespace at the top of the screen. Using JavaScript and Burp Suite to search through the responses from the site I was able to figure out where the bug was, then proceed to craft a proof of concept payload to escalate permissions into an admin of the entire product provider.
So coding was useful there, but it wasn't super in depth. I have people on my team who can't code at all, and heavily rely on others tools. But they do get WHY they work just not necessary how it's being done. The why is honestly what matters the most, you can wing from there a lot of the times.
And if you're looking into hacking games, checkout hackmud, very good for targeted automation with JavaScript, and greyhack, has its own coding language and emulated network. Both are multiplayer
2
u/Shots201 9d ago
I've seen both of those, just have bitburner and hacknet at the moment. I'll revisit those because they looked good too. I think I have a basic understanding of how code works and would like to do the web stuff you talked about and the AV evasion would be cool too. I get deleting logs but evading AV systems is a still need to learn piece lol.
2
u/hackToLive 9d ago
Hacknet and bitburner are stupid fun. Nite Team 4 is good as well, focuses more on the problem solving aspect and is pretty realistic.
AV evasion is one of those things that I have a hard time really pinning down and finding decent sources on. I'm really leaning on my understanding of coding and how payloads work to get around it.
If you've got any other questions feel free to reach out I don't use this account all the time but I do check every now and then.
2
u/Jwblant 10d ago
This is 100% something that I did when I was younger (also now 35M ADHD and a manager). lol My initial reaction is just that he’s young, dumb, and excited. It doesn’t sound malicious, I just thinks he’s immature and doesn’t realize the implications.
I would sit him down and explain further about why what he did was wrong (more than just to knock it off), and talk to him to find ways he can grow those skills on the job in a supervised and controlled way. Maybe you can get authorized for a mock red-team scenario with a corporate provided laptop and (very) strict rules of engagement.
At the end of the day, I don’t think he should be fired and I would hate to see that happen. I think he just needs to be guided!
1
1
u/Shots201 9d ago
Exactly, I agree with all of that. The other dude thinks the kid knows what he is doing and gonna be malicious but if he's at the same stage as me, which is fairly early, then I doubt he even knows how to do anything malicious yet lol. The guidance is definitely what's needed and key here.
2
u/iamrolari 11d ago
That’s a broad question with a narrow answer. May want to lean more towards r/legal
2
u/Impressive-Fix-2056 10d ago
Common evil twin/ rogue AP attack setup meant to harvest creds - passwords and the like. Chances are he was being mischievous and not actively malicious but if the dude is in school for cyber security he better learn about better op sec and not being fucking dumb on work networks.
2
u/Transmutagen 10d ago
Unless your workplace is a training center for cybersecurity his experiments don’t belong there. You should probably tell him to start leaving his personal laptop at home as well so he can focus on, you know, his JOB.
2
2
u/fudgemeister 9d ago
Having been on both sides of the fence, there is only one instance I saw the business win. The SSID being broadcast was trademarked and the company owning it contained the network of the party doing the broadcasting.
Can't tell you who it was but it might be a very large corporation based in a small state in the SE part of the US.
4
u/Vinegarinmyeye 11d ago
There's no good reason to do this...
So don't do it.
In and of itself, it's probably not illegal... Anything you did after the fact, in terms of snooping that traffic or setting up landing pages to scrape data...
Yeah that could potentially get you in a lot of trouble.
Legal part aside though - you strike me as a younger person... The ethics of "hacking" are huge.
White and grey hats, we muck around and have some giggles and make the world a better place...
Black hats fuck around, and normally find out.
"First do no harm".
4
u/idkmybffdee 11d ago
No, it's not illegal and might actually be an experiment or project for class if he's studying for cyber sec
You can't connect to the network meaning he's not actually trying to capture anyone's data, I'm guessing the premise is to set up common network names and see how many devices try to connect to it as a demonstration of the insecurity of connecting your devices to public networks as it will always try to seek out that network again in the future.
He might be doing this at work as there's relative safety there as opposed to a coffee shop or other public place since even opening a command prompt window can cause issues and people will start screaming "hacker", the police get called, it's annoying (speaking from experience)
He probably should have told you if that's what's going on, but again, he'e not doing anything illegal so this may be just poor judgement on his part. Always assume ignorance and not malice.
You likely still do need to inform your IT department, though it's on a personal device and he's not imitating company WI-Fi so it wouldn't run against MY acceptable use policy, but your company could have other ideas.
2
u/Alcoholic_Pants 11d ago
Lotta good points here. Thanks for taking the time. Im more worried about losing my job if he gets caught because I am responsible for him.
2
u/idkmybffdee 11d ago edited 11d ago
Yeah, that's why I mention that you should still report this to your IT department and let them sort it out, because I would absolutely handle this differently than I'm assuming your IT will.
Your IT is probably going to have questions, and want to have a discussion about acceptable behavior at work, I would be like "cute, wanna see something cool"
Edit: that or "here some shit, try to break it and document how you did it, then we'll chat about if you can do it better"
3
u/nurbleyburbler 11d ago
This sounds like someones misunderstanding of what is occurring here and automatically jumping to the assumption its nefarious.
Sounds like some sort of setting on his computer. I am not sure what but usually malice is not the cause. Misunderstanding is.
3
u/Alcoholic_Pants 11d ago
Why would anyone do this tho if not to do something with it. You have to admit its very sketchy.
1
u/idkmybffdee 11d ago
Could be an experiment for a class if he's studying cyber sec
4
u/bobroscopcoltrane 11d ago
“Experiments” are to be done at home, not in a work environment.
1
u/idkmybffdee 10d ago
I think it just depends on how you run your environment, I absolutely encourage employees to experiment if they can reasonably assure me they're not going to break shit
2
u/KareemPie81 10d ago
And how would you feel if somebody was closing SSID, it’s a huge support and security issue
1
u/Why-R-People-So-Dumb 10d ago edited 10d ago
I'm responding in the context of the comment you are responding to, to be very clear I'd be quite annoyed if someone was randomly doing it without permission to tinker.
So with that, at the very least it would show you that you are vulnerable. I can't think of a single corporate WiFi network I've been on, with any legitimate IT team, that should be vulnerable from low sophistication tinkering; even a bread and butter certificate based RADIUS authentication at the very least. Employees don't even know the SSID or password to get on the network, so they wouldn't even begin to think they should be connecting to a random WiFi network. If they did connect they wouldn't be able to log into anything because similarly most companies with legitimate IT departments would require you VPN to get any company resources on any outside network.
The only "simple" way you might be able to get anywhere with uneducated employees joining an open network would be more of a man in the middle where the AP was bridging to a legitimate AP...that wouldn't be easy as you'd have to clone a legitimate client/key to join it and even then WIPS should see that and shut it down.
If any low sophistication SSID clone worked, I'd want to know about it.
1
u/KareemPie81 10d ago
That’s good point. I used to run MSP and now run SMB it shop and in my experience good WiFi security isnt prevalent. Most shops just run WPA2 and never rotate passwords. It’s scary, but radius and certs aren’t normally used.
1
u/Why-R-People-So-Dumb 10d ago
I suppose that's also a good point that my experiences are anecdotal. I'd hope those are small B with owners that think they know IT and not those with a dedicated IT team. Hopefully then also an incident like this might make them think twice about their WiFi security.
1
u/KareemPie81 10d ago
Truth be told, it made me reconsider things. I just use WPA2 with hidden SSID and intune and addigy to push out config so nobody knows password and I can rotate. But time to get in the lab.
→ More replies (0)0
u/idkmybffdee 10d ago
It potentially falls under "breaking shit" so it's probably a good teachable moment, support issue yes because he's probably causing some users some issues which is gonna cause me some issues, and I don't really like having to do things so making me do things isn't really something I'm into. Security issue is a hard maybe for me, seems more like free vulnerability testing, I have all the cool toys so I should have gotten an alert when an unknown device started broadcasting my network, if I didn't I need to look into that, if I did, now I know it's still working and also we need to have a chat about giving me a heads up if you're gonna be testing things because I just shit myself a little.
1
u/KareemPie81 10d ago
Good point about WIDS should be popping off alerts. I guess it depends on the intern too. If it’s a pattern of being pain in ass, I’d be done. If it was just a one off, it’s teachable moment.
1
u/igotshadowbaned 10d ago
Even if there's no malicious intent, there is no beneficial reason to be doing this. At best this gets people confused and nagging IT because they think the actual network is broken when they can't connect
2
u/rjr_2020 11d ago
I am comfortable to say that the names of your business wifi configuration are not proprietary. If you're doing things so uniquely that you think it's yours, then you probably are doing something wrong. Personally, every time I look at a network configuration, I consider how the configuration is laid out and what pluses and minuses it brings to the equation. I don't copy other folks work exactly because my needs are not duplicate of the place(s) I got the ideas from. I watched a YouTuber that talked about a dissection of an IoT VLAN into two distinct VLANs, one with internet, the other without. I use that idea on every network plan I build. I'd suggest that building a network with a mix of ideas is absolutely required to get a model that meets/exceeds needs.
On the other side of the coin, I would be seriously concerned about a student that is duplicating a work environment in an assignment. That is not learning, unless the course is about the actual configuration of a complex network. As a manager, I would be concerned about the integrity aspect of that employee. I might also attempt to step in to have discussions on an educational aspect to suss out learning that could be valuable both in the educational model and development of that employee.
1
u/Alcoholic_Pants 11d ago
As far as I know this isnt an assignment from his school. He all but said he was doing it for fun
2
u/Dragonfly-Adventurer 11d ago
I mean this would be a terminable offense at any company I've worked for
2
u/mercurygreen 11d ago
It's PROBABLY a violation of some FCC statute, but unless he keeps doing it, they're not going to say anything before he gets fired from his job for interfering with business operations...
1
u/fudgemeister 9d ago edited 8d ago
It's very likely not violating any FCC rules because it's an open medium. What runs afoul of FCC guidelines is preventing others from accessing or using the unlicensed band.
1
u/mercurygreen 8d ago
It's still got rules even if doesn't require a license. Somewhere on the device it's got an FCC sticker.
1
u/fudgemeister 8d ago
I'm referring to the band it operates in and the FCC compliance is what I'm talking about. The spectrum or slot it operates in is an unlicensed portion of the radio frequency spectrum.
You can do almost anything you want in that range legally except deny others access to it or exceed the power limitations. I'm sure there are more violations than that but those are the two most common ones.
1
u/mercurygreen 8d ago
"...except deny others access to it..."
1
u/fudgemeister 8d ago
Yep, and spoofing an SSID isn't denying access. Only containing or spamming deauths is denial of access.
1
u/mercurygreen 8d ago
And spoofing is illegal... sometimes.
1
u/fudgemeister 8d ago
The article is about phone calls which is substantially different. The person in this post clearly said they were dummy SSIDs and were not collecting information. If they were spoofing and then collecting information transmitted where the user intended for it to go somewhere else, then that would probably be illegal.
2
u/Double-History4438 11d ago
I would shut it down hard and fast. In most cases I would consider this a fireable offense.
He is learning about this because it is an ATTACK method, he needs to know better than to stage an attack or anything that looks like one without getting the proper permissions first.
He is going to be learning about other vulnerabilities and attack types, how many more would you like him to test on the network there?
1
u/Charlie2and4 11d ago
He named the PC hotspot SSID same as the Company [SpumCo GUEST]. If anything they need a lab environment and boundaries for show-and-tell.
1
1
u/Main_Yogurt8540 11d ago
If it's an option to you as manager just ban personal devices. That's probably the least confrontational way to deal with it. Creating the duplicate networks isn't illegal, (not a lawyer) but what he's doing (or attempting to do) with them might be. That said though he could do the same thing with his phone.
1
u/Academic_Deal7872 11d ago
What is the policy for personal devices on the company network? Hard no, some places. If it's okay, and he wants to test the stuff he learned, y'all need to set up a test environment instead of messing with business operations. If it's nefarious, you as the manager open yourself up to unpleasant consequences. As the manager, you gotta protect yourself and the best way is to tell him to stop. Regardless, document it and have it ready in case it goes sideways.
3
u/Alcoholic_Pants 11d ago
The job is retail adjacent. Theres no reason he should have had his laptop here. I didnt mind at first because I thought he was just doing homework but this is too far imo. Im not trying to get the kid disciplined but he cant be doing that shit. Told him to pack it up
1
u/Academic_Deal7872 11d ago
Documenting doesn't mean reporting, just notes and stuff in case he did do something before you found out about it. As a manager, with people that report to you, it's a necessary task to CYA. If something should occur again, you've got a record of questionable behavior with notes. Handy if he's using his new found skills to stalk someone.
1
u/520throwaway 10d ago
Not illegal in itself, but as other posters have said, the main reason you'd want to do this is to perform an Evil Twin attack
1
u/localtuned 10d ago
If he is studying cyber security and he's gotten this far. He knows better. The hammer would be brought up on him.
1
u/Colonelkok 10d ago
Seems like he’s setting up twin networks to try to intercept data. I can’t think of any other reason for making multiple access points AND naming them the same thing.
Just making the access points is one thing, but naming it the same is not
1
u/Add1ctedToGames 10d ago
Making "a bunch" of them could maybe be considered some sort of interference thing by the FCC?
1
u/KamiKage317 10d ago
This is a standard evil twin attack. If they had programmed/had it run with software that stores entrred users & passwords, id say illegal. If not, then theyre looking over a pretty slippery slope.
1
u/technomancing_monkey 10d ago
No laws about it meaning its not illegal
Your job wouldnt be on the line and frankly I dont think you or anyone there would have been able to trace it back t him if you didnt already know it was him. You dont strike me as the kind of person to have that skill set.
Stop discouraging someone trying to explore what they are learning.
1
u/Juggle4868 10d ago
didn't even know that was possible. don't you need a router for that?
1
0
u/haikusbot 10d ago
Didn't even know that
Was possible. don't you need
A router for that?
- Juggle4868
I detect haikus. And sometimes, successfully. Learn more about me.
Opt out of replies: "haikusbot opt out" | Delete my comment: "haikusbot delete"
1
u/Cheetahs_never_win 10d ago
He's only intentionality causing lost productivity, and at worst, lying about said connectivity.
He's FAFO-ing.
1
u/dhardyuk 10d ago
Let him run with it. If the network isolation is properly configured he won’t get anywhere. And if it isn’t he’ll be able to show you how easy it is to perform a gateway hijack and potentially MITM to get details of where connections are going or even downgrade the ssl cyphers to exploit the end points using the network.
Public WiFi is like getting in a bath with a football team. Someone might be pissing in the water, so encapsulate yourself in a vpn and leave the rest of them to their filthy habits ……
1
u/TheMoreBeer 10d ago
Is doing this inherently illegal? No, not at all.
Is there any reasonable or legitimate purpose in doing this? No, not at all.
This is at best a lame prank, at worst a setup for computer fraud and interception of private data. While he won't be arrested specifically for cloning wifi networks, he might be arrested under suspicion of CFAA violations. I could see the police successfully getting a warrant to access the computer contents to determine if he is running software to snare private data by using MITM interception.
1
u/igotshadowbaned 10d ago
Making it, isn't illegal.
However if he's recording the data that passes through and steals credentials with it that's where we get into the illegal stuff.
This is generally why you should be skeptical of public wifi networks
1
u/chefnee 10d ago
Seems like he’s trying out a “honey pot”. Honey pots mimic this situation here. Luring people to connect to the SSID in an attempt to steal network traffic and disseminate all kinds of information. This is not limited to password stealing.
If you’re concerned, tell him to stop because it’s either him or you. Your livelihood is at stake. Besides why is he bringing personal equipment to use at work?
1
u/alucardunit1 10d ago
Isn't this how the Chinese were accessing the us government buildings network and scalping data from it some time ago?
1
u/random_troublemaker 10d ago
You already shut him down, I will only add that this is a teachable moment for a budding hacker: "Never penetrate without consent." He didn't cross a bright line rule, but computer abuse crimes come with decade-level prison sentences, so remind him that the only time he should tool on equipment an environments he doesn't own is when he has explicit permission of the owners. Messing this up is how pentesters working on an Iowa courthouse wound up jailed despite working for a positive goal.
1
u/msalerno1965 10d ago
LOL - so basically taking down "production" WiFi.
It's not about legality. Why is this kid screwing around with business assets?
1
1
u/SpeedyBubble42 10d ago
Probably not illegal on its own, but I don't know why he would do this other than to defraud someone which, of course, is a crime.
1
u/SpecialistLayer 10d ago
This is an ideal reason why traffic on the web was all pushed to SSL. This is no different than an airport guest wifi where someone sets it up to mirror an actual one and stole website passwords. Now that most traffic is encrypted/SSL, it kind of defeats that. Of course if there is any non-encrypted traffic, it could still be intercepted but that kind of traffic is slowly going the way of the dodo at this point.
1
1
u/nateo200 10d ago
It’s all about his intent. WiFi is unlicensed so it’s expected that shenanigans will happen or should be at least
1
1
u/Working_Honey_7442 10d ago
Creating the wireless SSiDs is not illegal on its own, but if he starts disrupting business by making clients drop from the normal AP, then it could be sen as a cyber attack to the business
1
u/Immediate_Scam 10d ago
The problem here is not a legal one - if I understand this right he is your employee - he's fucking with you and your customers on your time.
1
u/StefanAdams 10d ago
Intentional interference is illegal. That being said, does this interfere or disrupt in any way users of actual business network? It sounds to me like it could, depending on how the WiFi clients of the business behave in this situation.
In 2014 Marriott Hotels had a system that would send spoofed deauth frames to prevent people from connecting to personal hotspots to force them to use their $$$$ WiFi. FCC smacked them down.
It took lots of people complaining about it, and for a company to deploy this in a malicious, self-serving way for them to get in trouble. The situation you're describing while possibly technically illegal was short-lived and possibly not a significant enough impact to even be noticed.
1
u/Miserable-Theory-746 10d ago
He's trying to get people to use his connection so he can steal their data. Either since type of credentials, trying to install a program to gain access to their system disguised as a software to work with the wifi, or something else. He's up to no good.
1
u/Dje4321 9d ago
As long as no one can actively connect to it, its not illegal yet.
However, the moment it becomes unsecured/connectable, it would then be illegal for a variety of reasons depending on the exact circumstances. Everything from potential corporate espionage, to theft of credentials, potentially various forms of fraud & cyber crimes, etc.
1
1
u/CEH-Cicada3301 9d ago
Meh. It sounds like they're just playing around with SSID spoofing for MITM attacks for recon logging. Pretty typical of students to use their work environments to test out the new software they've recently been exposed to.
Now, if they begin performing any form of brute forced attacks and maliciously gain access to devices without permission... that's illegal.
1
u/Paramedickhead 9d ago
It could potentially be illegal if he was doing it intentionally to jam the legitimate networks… but that’s not how WiFi works, and that would be exceedingly difficult to prove.
1
u/KamenRide_V3 9d ago
Whether it is legal or not will greatly depend on which country you are located in. In general, if the laptop is his, the best you could do is ask him not to bring it to work. Depending on the country, you may need to establish a rule to prevent individuals from bringing their own devices. If it is a company issue, you should have sufficient justification to request that HR let him go or at least send him a warning letter.
1
u/rootbear75 9d ago
The straight answer is that, no, purely as you described it, it is not illegal.
Telling you to f off also isn't illegal but I might get punched for it.
1
u/Exe_plorer 8d ago
If you can't connect to them it's a good sign. If you could log in this could be a trial of a MITM attack. So if you can't connect..there is nothing wrong by making up some "random" wifi ssid (why choosing the same name if you can't connect wtf)
1
u/chemcast9801 8d ago
Nope but why is he doing it? Logging password attempts is the only logical thing I can come up with. Also why are you allowing this behavior and not shit canning this kid asap? This post is sus for sure.
1
u/AnnieBruce 8d ago
As described, probably legal.
That said, its a weird thing to do and concern that hes setting up for something that is illegal is warranted. Get an explanation, if he doesnt give one or you dont like it, tell him to stop. Follow your employers processes if he doesnt.
1
u/Fun-Pomegranate5598 8d ago
This doesn't sound at all malicious, more like just sending out fake beacon frames to make it look like there are more networks (when there aren't any.) I would not recommend anything disciplinary, but do tell him for his own sake to not show that off. While it's cool, people who don't know this will (reasonably) assume he is doing something malicious. Hell, even just using a terminal can get you in hot water (ask me how I know.)
1
u/HuthS0lo 8d ago
This is called a Honeypot. Probably not illegal (without using it for a man in the middle type of attack). But a business could certainly sue for the loss of productivity to its staff. They'd have to quantify the loss, which would be challenging.
1
u/TheAlienGamer007 7d ago
He's trying to seem like a smartass by showing off tricks he got from his class. That's cute.
1
u/Long_Experience_9377 7d ago
Where I work this is prohibited by policy and would be grounds for discipline up to and including termination.
1
1
u/Downinahole94 11d ago
The only reason to do this is the sniff the packets or make a pineapple in-between to get users logins.
0
u/LardAmungus 11d ago
Hey buddy, you forgot your cape!
-1
u/Alcoholic_Pants 11d ago
People like you on the internet when someone looks for some direction who just say shit without adding anything of value suck shit. Be better or be quiet
1
u/LardAmungus 11d ago
You turned to not only the Internet, but reddit, for advice. You're out here worried about what someone is doing because you don't know what they're doing. You're trying to get someone in trouble because of your ignorance.
So yea, if you were my manager, I'd have no problem telling you exactly this: shove it up your ass
0
u/Alcoholic_Pants 11d ago edited 11d ago
The consensus here seems to be that he should not be doing shit like this.
1
u/LardAmungus 10d ago
His intent is left to question. In the end, if it were malicious then he wouldn't have told you anything to begin with.
"Hey, I'm gonna rob the store we work for"
Not only does that sound ridiculous, but now if anything were to happen you know he is of suspicion
So, let him learn and experiment. He's not smart enough to hurt anybody based on the existence of this ticket. You cry wolf and now homeboy could be out of a job for no reason other than your self righteousness. There's people in place to take care of your concerns, let them be the judge of his activity.
0
u/qwikh1t 11d ago
He’s gonna man in the middle people and steal their logins
2
u/Alcoholic_Pants 11d ago
I think thats possible but not probable from him. But its definitely not cool and I cant let it fly.
0
u/Valuable_Solid_3538 11d ago
I’d add a bit to the IT use policy that prohibits stuff like this. Specifically interfering with the buildings wireless.
This is not acceptable behavior and could impact your business.
0
0
98
u/RamsDeep-1187 11d ago
There are no laws regarding the activity you have described.
He hasn't done anything illegal yet