They are everywhere from Airports to Starbucks, at every corner, users have access to complementary free internet. But have you ever wondered what lurks beneath those innocent hotspots? Companies spend thousands on security every year, fortifying the corporate network against a variety of security threats. However what happens when company laptops leave the snugness of the corporate network and connect to free public hotspots?
So if it’s risky, why do we use them?
With globalization at its peak, employees sometimes are forced travel on behalf of organization. Most likely these employees bring along their laptops so they can be productive while they are away. And because “Free” wireless internet can be found almost in every corner, employees probably take advantage of these opportunities to read the latest news, check corporate email, log in to the company’s VPN or simply check online agendas. Many employees think that these free internet connections are as secure as their corporate networks, causing them to ignore basic security measures, making them vulnerable to a series of security threats.
What are the risks?
Generally public hotspots lack any sort of security measures or mechanisms, making it possible for other people using the same wireless connection to intercept sensitive information sent across the Internet. There is a broad range of existing security threats which can be lurking under these hotspots, such as:
· Sensitive information that is not encrypted, or that is encrypted with poor cryptographic algorithms, which are transmitted between two wireless devices may be intercepted and disclosed.
· Attackers may capture employee’s usernames and passwords, and later on using it to gain access to the corporate network.
· Attackers may deploy unauthorized wireless equipment, also known as “Evil Twins” to lure laptop users to use their “Spoofed access point”, capturing users every move.
· Attackers may alter the access point’s DNS, causing it to relay to name resolution requests to cache poisoned DNS server, providing users spoofed websites full of key logging applications.
· Sensitive corporate data may be extracted without detection from improperly configured devices.
· Attackers may, through wireless connections, exploit a VPN split tunneling connection, connecting to organizations with the purposes of launching attacks and or stealing sensitive corporate information.
How to protect yourself?
There are a few things one can do to minimize their risk and exposure on public hotspots. The main thing to keep in mind is that security is not a product or software, but yes a process.
· Before connecting to any public network, look around and locate a sign that advertises the network you are connecting to and verify that the network name is the same as the advertised connection.
· Disable your wireless card if you're not planning to connect to the Web or another machine. It will protect you from intrusion and save your battery life.
· Beware of the information you share in public locations. Even innocent logins to Web-mail accounts could give hackers access to sensitive information, since most people utilize the same password for almost all online activities.
· Utilize a VPN whenever possible to encrypt your data, and stronger tools if you need to conduct secure transactions.
· Turn off your laptop’s shared folders. If you join a compromised access point, a hacker could easily load spyware agent to follow you even after you leave the public location.
· Make sure your laptop is properly patched with the latest security and OS patches. Use security mechanisms such as disk encryption, firewalls and any sort of IPS or IDS system.
· Set up email forwarding to a disposable address that you only access using public hotspots. That way, even if an attacker gets access to that email account, he or she can't access the primary account.
For more information on wireless security visit: http://www.sans.org/reading_room/whitepapers/wireless/1629.php
Remember Me