Wherever we go, it seems that our ability to access public wireless, or WiFi, networks is increasing by the day.
With just a laptop or even a WiFi enabled mobile phone, PDA or even MP3 player, we can now access the internet through public networks at an huge host of locations in any major city. Anywhere from fast food restaurants, coffee shops and bars through to trains, airplanes and even some taxi cabs, accessing the internet on the move has never been easier.
But does tapping into public networks pose a computer security risk? Is it safe to access a network connection that is in all likelihood being accessed by hundreds, if not thousands of people simultaneously?
Last week visitors to the SecTor 2009 Security Conference in Toronto, Canada experienced how secure WiFi networks were for themselves as conference organisers secretly bugged the WPA-secured wireless connection at the conference venue.
Organisers then demonstrated to visitors how they had managed to harvest hundreds of passwords, login credentials and a huge array of data on information that passed through the network, with delegates completely unaware that the data was being recorded.
“In 2009, we still have so many applications leaking credentials onto the wire, and we have people still deploying and using insecure protocols,” said conference organiser Brian Bourne. “Our intention with the Wall of Shame was to highlight that.”
This example was obviously a contrived example and the reality is that your typical coffee shop is unlikely to be full of online criminals attempting to hack intercept your email passwords, but there are steps that you can take to minimise the risk of your WiFi connection, be it at home or on the move, from being the target of hackers.
1. Only use secure networks
Only use a network that has been secured using some form of encryption. The most common forms of wireless encryption are WEP (Wired Equivalent Privacy) and WPA (Wi-Fi Protected Access). Networks in public places will have their own form of user authentication system whilst others will be behind what is known as a “paywall” – where the user is charged for using the network.
2. Use a firewall
Make sure that you install a firewall on your PC to monitor and traffic coming into, and going out of, your PC and network. Most forms of antivirus software will include some form of firewall.
3. Be aware of who is around you
If you are in a public place; be aware of who is physically around you. The threat might not come from who is on the network but instead, from who may be looking over your shoulder.
4. Be selective over the data that you transmit wirelessly.
If for any reason there is data that you would be particularly nervous about transmitting wirelessly, don’t. Simply wait until you have the opportunity to physically plug your PC into a secure connection.
5. Don’t broadcast your SSID.
This isn’t a way to completely secure your network by any means, but it can reduce your risk to automated attacks. The SSID is effectively the identity of your home wireless network, and is broadcast to any PC within range.
Automated attacks, such as those using a ‘botnet’ look for a number of tell-tale signs that there is a wireless network in the vicinity, one of those is a broadcast SSID. By hiding the SSID, you can cut down on the amount of traffic your network gets from people trying to exploit vulnerabilities on random networks.