Skip to main content

Wi-Fi Security: Some Advice from the FBI

You're at the airport waiting for your flight. With time to kill, you're thinking of connecting your laptop to the airport's Wi-Fi to check your office e-mail...do some personal banking...or shop for a gift for your spouse.

But first, consider this: odds are there's a hacker nearby, with his own laptop, attempting to "eavesdrop" on your computer to obtain personal data that will provide access to your money or even to your company's sensitive information.



Here's something else to consider: there are 68,000 Wi-Fi "hot spots" in the U.S. (see the graphic below for the top Wi-Fi countries), at airports, coffee shops, hotels, bookstores, schools, and other locations where hundreds or thousands of people pass through every day. While many of these hot spots have secure networks, some do not, according to Supervisory Special Agent Donna Peterson of our Cyber Division. And connecting to an unsecure network can leave you vulnerable to attacks from hackers.

How do hackers grab your personal data out of thin air? Agent Peterson said one of the most common types of attack is this: a bogus but legitimate-looking Wi-Fi network with a strong signal is strategically set up in a known hot spot...and the hacker waits for nearby laptops to connect to it. At that point, your computer—and all your sensitive information, including user ID, passwords, credit card numbers, etc.—basically belongs to the hacker. The intruder can mine your computer for valuable data, direct you to phony webpages that look like ones you frequent, and record your every keystroke.

"Another thing to remember," said Agent Peterson, "is that the connection between your laptop and the attacker's laptop runs both ways: while he's taking info from you, you may be unknowingly downloading viruses, worms, and other malware from him."

Businesses that offer free or ad-hoc Wi-Fi often don't know their networks have been breached. Individual victims usually don't realize they've been targeted either until it's too late. That's why, according to Agent Peterson, there aren't reliable stats on the number of these breaches, although the FBI does periodically receive reports on them. It's also very tough to trace a hack that originates on an open, unsecure network.

Agent Peterson explained that the criminal aspect comes into play once data taken by the hacker is used to commit a crime. If the hacker, armed with your personal or corporate information or access codes, tries to break into a secured network—whether it's a case of intrusion, identity theft, bank fraud, theft of intellectual property, or any other type of crime—then law enforcement gets involved.

What can you do to protect yourself? Agent's Peterson's best advice is, don't connect to an unknown Wi-Fi network. But if you have to, there are some precautions you can take to decrease the threat:

Make sure your laptop security is up to date, with current versions of your operating system, web browser, firewalls, and antivirus and anti-spyware software.
Don't conduct financial transactions or use applications like e-mail and instant messaging.
Change the default setting on your laptop so you have to manually select the Wi-Fi network you're connecting to.
Turn off your laptop's Wi-Fi capabilities when you're not using them.
For more basic information on computer security, see the FBI's How to Protect Your Computer webpage.
via technology.findlaw.com

Comments

Popular posts from this blog

Test New ALFA-AWUS036H v.2 (1.000mW) VS ALFA-AWUS036H v.1 (500mW)

- Recently emerged the New ALFA-AWUS036H v.2 (1.000mW), and these are the tests. TEST WITH NETSTUMBLER 1) usb da 100mW chipset railink 2) usb da 200mW chipset railink rt73 3) intel 2200 b/g con connettore esterno rp-sma 4) Alfa-AWUS036H 500mW 5) New Alfa-AWUS036H V2 da 1.000mW

Creating A Cheap Bluetooth Sniffer

Many papers and posts on internet forums have commented on the success of turning normal everyday bluetooth USB dongles ($10), into their more powerful counterparts that allow the capturing of packets from the airwaves. These more powerful USB dongles are usually sold at a much higher price ($10,000) together with the software to drive and control these devices. The problems associated with BlueTooth sniffing You cant simply just purchase the dongle with the alternate firmware. There is next to no real opensource packet capture program for the bluetooth protocol. Hardware & Limitations Chipsets: Whats the difference? The chipset of the Bluetooth USB Dongles are very important. Broadcom chipsets are cheap hardware and are deemed unsuitable devices for this paper. But unfortunalty nowadays, every manufacturer seems to prefer putting these chips in their products compared to the more reliable Cambridge Silicon Radio (CSR) chipset. If your lucky enough to find a dongle with a CSR chips...

ALFA-­AWUS036H & ALFA-­AWUS050NH INSTALLING/UPDATING DRIVERS RTL8187, r8187, RT2800usb on UBUNTU

NOTE: For surfing Internet with ALFA-AWUS050NH on Ubuntu Jaunty with rt2870sta driver, you must use the Kernel "2.6.28-11-generic #42-Ubuntu", without change or updates the drivers modules. NOTE: The tutorial is not related to Ubuntu karmic. Driver RTL8187/Stacks-­mac80211 (ref. ALFA-­AWUS036h) ­- These drivers, for surfing Internet, are more stable than r8187, and fully compatible with Network-Manager 0.7 installed by default on Ubuntu 9.04. Network-Manager 0.7 installed by default on Ubuntu 9.04. ­- Supports all encryption without problems. (OPEN, WEP and WPA/WPA2) ­- With Compat-Wireless, the "injection" working, but for support “Fragmentation attack” (opt. -5) you need to install one patch. - The RX sensitivity and packets injection is less, related to drivers r8187. Driver r8187/Stacks-ieee80211 (ref. ALFA-AWUS036h) - This driver is recommended for use with the Suite of Aircrack-ng, but not particularly suitable for Internet connections, as less stable and disc...