|Think all Wi-Fi networks are
Think again. Many - even those used by business
travelers - are vulnerable. Here's how to protect yourself.
NEW YORK (CNNMoney.com) -- Think your
computer is secure when you log onto a Wi-Fi network at a major
Think again. Many Wi-Fi networks,
including some at major hotels frequented by business travelers, are
susceptible to attacks by hackers.
Even worse, these hackers don't
even need sophisticated tools to log onto your lap top and steal
your personal data or your company's intellectual property,
according to Dave Garrison, chief executive of iBAHN, a company that
builds secure networks for Wi-Fi "hot spots," or places where people
can access the Internet via a wireless connection.
Research commissioned by RSA
Security (Charts), which makes security tools and software, found
that 25 percent of corporate Wi-Fi networks in New York are not
secure, while 26 percent of corporate Wi-Fi networks in London are
not secure. About 22 percent of corporate Wi-Fi networks in Paris
are not secure.
That's a disturbing trend in an era
when data theft is on the rise. Over 88 million data records of U.S.
residents have been exposed due to security breaches since February
2005, according to the Privacy Rights Clearinghouse, a non-profit
consumer group devoted to privacy rights.
During a demonstration conducted
for CNNMoney.com at a large hotel in Manhattan, iBAHN chief
technical officer Brett Molen demonstrated how easy it is for one
person using a laptop or even a handheld device at an unsecured
wireless network to open, copy and delete files from the computer of
another user on the same network.
According to Molen, all a data
thief has to do is execute a few simple keystrokes within Windows,
the operating system for some 90 percent of laptops worldwide, to
take documents from another user on the same Wi-Fi network.
And attacks on hotel Wi-Fi networks
aren't limited to thieves who happen to be in the same hotel, using
the same network.
While it takes a couple of extra
steps, a hacker in his pajamas at his home in, say, Oklahoma City,
could hack the same Manhattan hotel's wireless network, provided he
had access to free "crimeware" that shows hackers the IP address, or
code identifying where a computer is hooked up to the Internet, of
vulnerable computers anywhere in the country.
Garrison said his own company has
been the victim of data breaches conducted over Wi-Fi networks.
When a consultant working for the
company used an Internet cafe and an unsecured laptop to e-mail a
letter to Garrison, a hacker grabbed the file and posted it on the
Internet with commentary scolding the company for not issuing
secured laptops to its employees. (The consultant was not an iBAHN
Safeguarding your computer
But there are many things business
travelers and other computer users can do to make sure their data is
safe when they're logging on from a Wi-Fi network.
Garrison recommends that users
first make sure they're using a secure network. Travelers should use
a "Virtual Private Network" (VPN) set up by the company or
encryption technology such as Wi-Fi Protected Access, or WPA.
"A virtual private network is like
your own encrypted tunnel from your computer to the computer you're
trying to reach," said Marc Rotenberg, director of the Electronic
Privacy Information Center. "Using VPNs is one of the best ways to
secure" your connection on Wi-Fi networks, he said.
Travelers should also disable the
file-sharing option on their laptops before they hit the road and
disable the "peer-to-peer" capabilities of the Wi-Fi network. (A
peer-to-peer wireless network transmits information from computer to
computer without the use of a central base station.)
They should also change the
administrator password, which is set to "admin" as the Microsoft
default, according to Garrison.
Another important step: assigning
passwords that contain both letters and numbers to Word or Excel
documents containing private information.
Travelers should also install and
use a personal firewall, according to Garrison. Computer users can
download free trial versions of firewall systems from Symantec
(Charts) and Internet Security Systems (Charts), among others. To be
extra safe, travelers should connect to wireless networks that offer
an extra layer of security that's provided by a third party.
Even vacationers need to be wary.
In its list of privacy tips for
summer travelers, the Privacy Rights Clearinghouse recommends that
vacationers exercise caution when using laptops for online banking
or other password-protected services from Wi-Fi networks on the
road. The PRC says travelers should be sure to use only Wi-Fi
"hotspots" that are secure.
The Internet Education Foundation
also offers tips on its Web site for connecting to Wi-Fi networks
securely. Most importantly, travelers should keep their laptops with
them or locked in a secure place. The highest-profile cases of data
loss have come from lost or stolen laptops.