HOME     MENU     SEARCH     NEWSLETTER    
TECHNOLOGY, DISCOVERY & INNOVATION. UPDATED 11 MINUTES AGO.
You are here: Home / Mobile Security / Airport Networks Can Grab Your Data
Gartner Report:
Enterprise Endpoint Backup -- What You Need to Know and Why.
Access Report Now
Your Data Can Be Stolen on Airport Wireless Networks
Your Data Can Be Stolen on Airport Wireless Networks
By Peter Piazza / Sci-Tech Today Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
MARCH
03
2008

The next time you're in an airport terminal with your wireless notebook on, there's a good chance you're exposing your or your company's data to others. Even worse, the wireless network you're connected to might be completely insecure -- or even be running on the laptop of the guy sitting next to you.

Researchers from AirTight Networks visited 14 airports around the world and discovered that most business travelers aren't taking the basic steps necessary to protect sensitive data. "We found that only three percent of all mobile users were using virtual private networks (VPNs), so most of their data was free and clear to anyone who could sniff the airwaves," said Mike Baglietto, director of product marketing for AirTight Networks.

With little effort the researchers were able to see what Web surfers were looking at, and even capture their cookies (small text files that allow Web sites to identify and track users). "There's a huge data-leakage exposure," Baglietto said. "We're able to track people's cookies in the air, and once you start getting a user's cookies, you could impersonate that user" to steal their banking credentials, for example.

Insecure Access Points

Web surfers weren't the only ones operating insecurely, Baglietto told us. Most of the wireless networks the AirTight researchers checked out were insecure.

The team noted 478 access points, of which 57 percent were completely unprotected, and another 28 percent were protected by WEP (wired equivalent privacy), an encryption protocol that is easily broken. Even worse, 77 percent of the networks were not hot spots (networks offered by the airport or a provider like T-Mobile). Rather, eight out of 10 were insecure networks run by shops, restaurants and even the airport back offices.

The names of some of the access points -- for example, e-Baggage Trial -- gave the researchers clues that those networks were being used for airport operations like baggage handling to airline ticketing. Just like the other access points, Baglietto said these were also insecure.

The potential for an attack on airport systems is enormous, and such an attack would have catastrophic ramifications. "Imagine somebody doing a denial-of-service attack on the baggage infrastructure at San Francisco or Heathrow airports," Baglietto said. "It would send the entire airport into total chaos" and would likely impact air travel around the globe.

Viral Connections

The researchers also noted a huge outbreak of viral ad-hoc wireless networks. A laptop with this infection broadcasts itself as a free mobile hot spot. Other laptops inadvertently connect to it since it has a strong signal that wireless cards search for. Once connected, a laptop becomes infected itself and convinces other computers to connect to it.

"The biggest risk that creates is that all your shared folders are exposed to everyone else on that network, so you could be sitting in the airport completely unaware that your laptop is connected to the guy sitting next to you" with your personal and corporate data exposed, Baglietto said. One out of 10 users was infected, the researchers noted, and in one airport five users were connected to the same viral network.

Simple and common-sense measures can prevent these problems. AirTight advises executives to use VPNs and not to connect to any unknown wireless networks in public places. It also said users should periodically look at their Wi-Fi configuration and remove any unneeded networks from the preferred list. Users should also disable "ad hoc" connectivity in public places and turn off wireless connectivity when it's not being used.

Read more on: Wireless, Notebook, Airport, Cookies
Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
Get Powerful App Acceleration with Cisco. In a world where time is money, you need to accelerate the speed at which data moves through your data center. Cisco UCS Invicta delivers powerful, easy-to-manage application acceleration for data-intensive workloads. So you can make decisions faster and outpace the competition. Learn More.
MORE IN MOBILE SECURITY
Product Information and Resources for Technology You Can Use To Boost Your Business

ENTERPRISE HARDWARE SPOTLIGHT
Making a major change to its usually staid design philosophy, HP unveiled an all-in-one PC with built-in projector and surface-enabled touch, designed to make 3D scanning and printing easy.
© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.