Wi-Fi Hot Spot security: Connect with Care
Posted By RichC on August 28, 2007
As Wi-Fi becomes a way of life for many Internet connected notebook computer, PDAs and Smartphones users, there is a tendency to become too comfortable in ‘making the connection.’ I find it almost a necessity in my travel, but nevertheless, I do rethink the places I connect. Coffee shops, restaurants and hotels are pretty regular connections for me, but a conversation the other day with someone who mentioned that the Better Business Bureau is sending a clear warning to watch out for those free airport connections. The trend for hackers is to set up ‘fake Wi-Fi’ connections that emulate the many popular and heavily used hotspots.
When searching for connections, our computers see open network connections that are available and usually (depending on one your settings) require human intervention to initiate the connection. While one might be thinking it’s the free connection offered by the establishment, naive users may just accept the hackers fake connection and log on. Unfortunately, the network may actually be an “ad-hoc” network or a peer-to-peer connection. The user will still be able to surf the Internet, but they’re doing it through the hacker’s computer. According to an article by Steve Bernas of the BBB, “the hacker is stealing information such as passwords, credit card and bank account numbers and Social Security numbers. Beyond simply stealing keystroke information as the user enters various types of data, if the PC is set to share files, the hacker could even steal whole documents from the computer.” Mr. Bernas goes on to say that in a security review, “Chicago O’Hare had 20 ad-hoc networks present that were potentially designed with the intent of hacking into unsuspecting user’s computers and networks.”
The BBB offers the following advice
- Never connect to an unfamiliar ad-hoc network — even if the name sounds genuine. A hacker can change the name of his network to anything he wants, including the name of the legitimate Internet connection offered by the airport. Just because it has the same name as the Wi-Fi advertised in the airport, don’t believe it. For more information on how to distinguish between an ad-hoc network and a normal Wi-Fi network with Windows Vista or XP visit http://support.microsoft.com.
- Make sure that your computer is not set up to automatically connect to non-preferred networks. Otherwise your computer could automatically connect to the hacker’s network without your knowledge.
- Turn off file-sharing when you’re on the road to prevent hackers from stealing entire documents, files and unencrypted e-mail from your computer.
- Create a Virtual Private Network (VPN) for your business. A VPN establishes a private network across the public network by creating a tunnel between the two endpoints so that nobody in between can intercept the data. Many companies allow remote users to connect to corporate networks so long as they use VPN. This keeps the users’ communications just as secure as if they were sitting at a desk in the building.
Comments