At a time when all PC users are aware of Internet security issues, a surprising number of business executives let their guard down when using Wi-Fi networks on the road. Perhaps they would be a bit more careful if they realized that a large number of Wi-Fi networks are almost completely open to all comers. And, if they knew that many Wi-Fi users have sinister motives and malicious purposes in mind.
"War-driving" (also known as "LAN-jacking") is when hackers use a laptop’s wireless network interface card (NIC) to pick up unsecured wireless local area network (LAN) signals to gain access to anonymous and free high-speed internet access. The hackers cruise around various neighborhoods with their laptop, armed with antennas, on the lookout for vulnerable wireless networks. This practice is well known, and many who do it are merely trying to get Internet access for free. However, some "war-drivers" have malicious intentions and are looking for ways to gain entry into other PCs using wireless networks. Given the proliferation of Wi-Fi networks and the fact that "war-driving" requires no sophisticated software or hardware, this form of network invasion is a serious problem that continues to grow. Using a global positioning satellite (GPS) with wireless NICs, hackers can map out major metro areas to build a directory of wireless networks - secured and unsecured networks. Using readily available programs to break into your WLAN, most hackers only require patience to successfully break your Wired Equivalent Privacy (WEP) encryption. If you don’t understand how Wi-Fi operates and fail to take some proactive steps to protect your laptop, you are setting yourself and your business up for some serious security problems.
Wi-Fi Security Efforts
Internet security experts suggest you pay attention to the basics, and stay informed about new developments and new solutions:
- Incorporate wireless security threats into your technology security efforts. Get expert advice if necessary and update your Internet security policies and procedures to reflect the risks wireless devices pose to your business network.
- Although Wi-Fi’s basic WEP encryption alone is inadequate to protect data from determined sophisticated hackers, it will deter casual "war-drivers". And, it is important to make sure it is set up properly on the wireless access point on every PC to help cut your security risks. If you change your key frequently - once a week is recommended for small businesses - you will help shore up the WEP protection.
- Microsoft’s Windows XP supports a Wi-Fi Protected Access (WPA) standard that is an improvement over the WEP. Keep apprised of new developments and enhancements to the WPA standard.
- Educate everyone in your company about the need for Wi-Fi security vigilance. Don’t just give them copies of new policies or procedures. Take the time to explain why compliance is so important.
- Connect the wireless access point to a security gateway rather than directly to your network. Purchase software and/or security services to help protect individual PCs.
Computing mobility is a fact of business life. Keep your Internet security regularly updated and don’t leave your network vulnerable to attacks from wireless hackers.