Newsletters
Technology, Discovery & Innovation NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
This ad will display for the next 20 seconds. Please click for more information, or scroll down to pass the ad, or Close Ad.
Home Computing Digital Life Discovery Space More Topics...
Vblock™ Systems:
Advanced converged infrastructure
increases productivity & lowers costs.

www.vce.com
Business Intelligence
Average Rating:
Rate this article:  
Your Data Can Be Stolen on Airport Wireless Networks
Your Data Can Be Stolen on Airport Wireless Networks

By Peter Piazza
March 3, 2008 1:55PM

Bookmark and Share
Did you take basic steps to protect your notebook data? If not, it may be falling through holes in an insecure wireless network at the airport or some other location. Or you may be connected to the wireless trap run by the guy next to you. Researchers could even grab cookies leaking from other wireless users and from there access their identities.
 

Related Topics

Wireless
Notebook
Airport
Cookies


The next time you're in an airport terminal with your wireless notebook on, there's a good chance you're exposing your or your company's data to others. Even worse, the wireless network you're connected to might be completely insecure -- or even be running on the laptop of the guy sitting next to you.

Researchers from AirTight Networks visited 14 airports around the world and discovered that most business travelers aren't taking the basic steps necessary to protect sensitive data. "We found that only three percent of all mobile users were using virtual private networks (VPNs), so most of their data was free and clear to anyone who could sniff the airwaves," said Mike Baglietto, director of product marketing for AirTight Networks.

With little effort the researchers were able to see what Web surfers were looking at, and even capture their cookies (small text files that allow Web sites to identify and track users). "There's a huge data-leakage exposure," Baglietto said. "We're able to track people's cookies in the air, and once you start getting a user's cookies, you could impersonate that user" to steal their banking credentials, for example.

Insecure Access Points

Web surfers weren't the only ones operating insecurely, Baglietto told us. Most of the wireless networks the AirTight researchers checked out were insecure.

The team noted 478 access points, of which 57 percent were completely unprotected, and another 28 percent were protected by WEP (wired equivalent privacy), an encryption protocol that is easily broken. Even worse, 77 percent of the networks were not hot spots (networks offered by the airport or a provider like T-Mobile). Rather, eight out of 10 were insecure networks run by shops, restaurants and even the airport back offices.

The names of some of the access points -- for example, e-Baggage Trial -- gave the researchers clues that those networks were being used for airport operations like baggage handling to airline ticketing. Just like the other access points, Baglietto said these were also insecure.

The potential for an attack on airport systems is enormous, and such an attack would have catastrophic ramifications. "Imagine somebody doing a denial-of-service attack on the baggage infrastructure at San Francisco or Heathrow airports," Baglietto said. "It would send the entire airport into total chaos" and would likely impact air travel around the globe.

Viral Connections

The researchers also noted a huge outbreak of viral ad-hoc wireless networks. A laptop with this infection broadcasts itself as a free mobile hot spot. Other laptops inadvertently connect to it since it has a strong signal that wireless cards search for. Once connected, a laptop becomes infected itself and convinces other computers to connect to it.

"The biggest risk that creates is that all your shared folders are exposed to everyone else on that network, so you could be sitting in the airport completely unaware that your laptop is connected to the guy sitting next to you" with your personal and corporate data exposed, Baglietto said. One out of 10 users was infected, the researchers noted, and in one airport five users were connected to the same viral network.

Simple and common-sense measures can prevent these problems. AirTight advises executives to use VPNs and not to connect to any unknown wireless networks in public places. It also said users should periodically look at their Wi-Fi configuration and remove any unneeded networks from the preferred list. Users should also disable "ad hoc" connectivity in public places and turn off wireless connectivity when it's not being used.
 

Tell Us What You Think
Comment:

Name:



APC has an established a reputation for solid products that virtually pay for themselves upon installation. Who has time to spend worrying about system downtime? APC makes it easy for you to focus on business growth instead of business downtime with reliable data center systems and IT solutions. Learn more here.


 Business Intelligence
1.   Mark Hurd's 5 Keys to Market Success
2.   Twitter Acquires Data Analyzer Gnip
3.   Silverpop: IBM Marketing Gets Personal
4.   Teradata Intros QueryGrid Analytics
5.   Tool Analyzes Tweets for Companies


advertisement
Twitter Acquires Data Analyzer Gnip
Company has been partner since start.
Average Rating:
Tool Analyzes Tweets for Companies
Customer satisfaction analyzed, rated.
Average Rating:
Mark Hurd's 5 Keys to Market Success
Using a 'customer-obsessed' strategy.
Average Rating:
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
What Verizon's Data Breach Report Can Teach Enterprises
It’s probably not a jaw-dropper, but cyberespionage is officially on the rise. And the use of stolen or misused credentials is still the leading way the bad guys gain access to corporate information.
 
Top Cyberthreats Exposed by Verizon Report
Beyond Heartbleed, there are cyberthreats vying to take down enterprise networks, corrupt smartphones, and wreak havoc on businesses. Verizon is exposing these threats in a new report.
 
Where Do Web Sites Stand, Post-Heartbleed?
A security firm says the vast majority of Web sites have patched themselves to protect against the Heartbleed bug, but now there are questions raised on the reliability of open-source programs.
 

Navigation
Sci-Tech Today
Home/Top News | Computing | Digital Life | Discovery | Space | Innovation | Health | Science News
Environment
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters | XML/RSS Feed

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.