With London rumoured to join Norwich in becoming a WiFi city, security issues around WiFi hotspot access is growing. David Hobson, managing director at Global Secure Systems, has stated that this free bandwidth comes with an element of risk that all businesses should be aware of.
Hobson commented: “Once you are associated to an access point, you are on the same network as others connected to the same access point, in the same way as plugging into the same network segment. A simple network discovery will show who else is connected, and from there an unscrupulous user could try and access your machine. This may not be deliberate; a Trojan may automatically be scanning in the background for, and trying to infect other machines. In addition to the possibility of direct attack, your data is probably going to be ‘clear text’ – not encrypted.”
As to what to be on the lookout for, Hobson said the following points should be paid attention to: As you will probably be using clear text, do not use your bank account details when sitting in a public place using public WiFi access. You never know is hacking in as you type!; Shoulder surfing. Always be aware who is watching you. Don’t sit with your back to a crowd or window inviting unwanted snoopers to see you type your password or read your documents; If you are using business email, use a virtual private network between you and the business mail server. This will encrypt data and ensure no eavesdroppers read it; Your PC needs to have a personal firewall installed, and switched on. A basic firewall is provided within Windows now. Use it! This stops unauthorised access on to the PC.
Also: Ensure your anti-virus software is installed, up to date and working! This will defend against known virus or Trojan attacks; Turn off ad-hoc networking. WiFi has two methods of working, ad hoc and infrastructure. Infrastructure is when your PC connects to an access point, and then on to a wired network. Ad-hoc is when two PC’s communicate to each other directly without an access point. You really should ensure no one can network directly, unless there is a specific reason; Lastly, when accessing a hotspot be aware of hotspot high jacking. This is when a fake access point is used to fool you into connecting to it. It will record all traffic from your system. This type of attack is mainly used in internet cafes since access is open. Always try and make sure you connect to genuine access points.