Want to disrupt a flight? Just give your Wi-Fi hotspot this name…

Graham Cluley
Graham Cluley
@[email protected]

Closeup of Wifi name

American Airlines Flight 136 from Los Angeles to London Heathrow was supposed to have left at 9pm last night.

Instead, the plane returned to the gate, and passengers were held on the aircraft for three hours (initially being told there was a “maintenance issue”) before being disembarked and told their journey would now be delayed until 1pm local time today.

The reason?

Sign up to our free newsletter.
Security news, advice, and tips.

Looks like some joker prevented a flight from leaving Los Angeles International Airport yesterday, by choosing to name their Wi-Fi hotspot something that was bound to raise eyebrows.

Did they choose “Bill’s iPhone” or “Free WiFi”?

No. They chose “Al-Quida Free Terror Nettwork” (sic).

When a passenger spotted the curiously-named wireless access point was listed as available for Wi-Fi connection via their smartphone, and alerted a flight attendant, the chances of the plane leaving on time evaporated.

ABC News screenshot

Read more about the incident in this report from ABC 7 Eyewitness News.

I don’t know what’s worse – the poor spelling used by whoever dreamt up the Wi-Fi hotspot name, or the fact that they were offering an unencrypted connection.

One thing is clear. If a real terrorist wanted to disrupt an air flight they don’t have to go to the effort of sneaking in explosives or phoning in a bomb threat. They can just create a Wi-Fi hotspot with a suspicious-looking name.

Because a real terrorist would use such a hotspot name, right? Sigh…

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

5 comments on “Want to disrupt a flight? Just give your Wi-Fi hotspot this name…”

  1. Coyote

    That's the interesting thing. I think you know what I'm getting at, too. No matter how stupid, how absurd or how out of the world (or maybe which airspace it is from…) it might be, they have to address it. Because while it is unlikely that anyone planning such an attack would also bring attention to themselves, it could happen (even some sort of decoy – imagine one flight being delayed while and having attention on it while another is in trouble, or…). You just never know. The sad reality is humans (far too many) tend to lower their guards the moment things seem safe (enough). The thing is, there is never safe enough to let your guards down, because the moment you do you're then at risk. And this has happened over and over again – we're taking care of the situation, we're increasing security… and sure they do it for a while (or they claim to to some degree) but nothing happens so they lower their guard. Because the attack in 2001 was the first plane hijacking, right? Lockerbie bombing never happened, neither did any of the other hijacking that occurred through several decades back. Look at NASA who time and again has made claims about improving their policies and defences and then in the future the same type of attack (perhaps the same or very close to same exploit) they claimed they would address, was not addressed for long enough (or I would argue in the case of NASA: it wasn't at all). And that is their computer network (and equipment)…

    As for this joker, I know that if they find them, they are facing the possibility of a felony, they take it that seriously (it = making jokes, suggesting things like that). Maybe it shouldn't be but it is the way it is. Big mistake on their part. I don't sympathise with him/her though. I just will acknowledge that it was a very foolish thing to do, very very foolish indeed.

    1. Coyote · in reply to Coyote

      "After further investigation, it was determined that no crime was committed and no further action will be taken," the airport said in a statement to Eyewitness News on Monday.

      Interesting. That goes to show exactly what I mean with lowering guards. I know there have been incidents where some making jokes did have legal issues even though they meant no harm. So either they did not find the person (or they're ignoring it), or they once again are too lax (yes, the choice of words is of course intentional)… Or perhaps they've improved their policies and I of course do not mean improve in the literal meaning of the word. Amazing yet not too surprising, either.

  2. Pheenis Groompt

    "…no crime was committed…"

    What utter rubbish. Were any of the people whose time was utterly commandeered for sixteen hours compensated?

    If the American Airlines made the decision that cost their passengers such a loss, then they should provide restitution. If the decision was made by some state bureaucrat, then the state should compensate them. Then they can get it out of the hide of the jerk/jerkette who thought this little prank was so amusing. That kind of amusement should come at a high price — one that everyone else should not be made to pay.

    Of course a crime was committed…one for which none of the passengers have any recourse. That's called tyranny.

  3. 0z_

    Not surprised they didn't bother pressing charges because only a mental midget would consider wasting their time and money trying to criminalise a silly SSID.
    My neighborhood is filled with weird SSIDs, and I doubt anybody really thinks "NSA Scanner" or "Nigerian Princes Free WiFi" are threats.

  4. Sheogorath

    @ Oz_: People don't think unusual SSIDs are a threat? Tell that to the person who quit getting me sent copyright infringement notices after I renamed my Wi-Fi MoD Malware Development Lab. ;D

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.