Jan 22, 2004

Do you know who’s been using your computer lately?
Wifi allows neighbors and others to access your information

By Rick Dexter
Special to the Times

Bill’s WLAN. STARFLEET. Julie’s DSL. Sound familiar? If you have a wireless computer network in Almaden, one of these may be the name of your system.

Wireless, or WiFi as it’s become known, is a new rage in computer networking technology. A WiFi system installed in your home or business instantly provides a wire-free network connection to your computer network, accessible by any PC or laptop equipped with a low cost radio transmitter. These “Hotspot” connections can have a range from 50 feet up to several hundred feet or more.

WiFi devices transmit over public radio waves similar to the radio frequencies used by cordless phones and baby monitors. The key word here is public. With a laptop and about $100 in equipment and good antennas, any wireless-savvy techno geek can effortlessly seek out these WiFi signals and use them to access an attached computer, often from your business parking lot or your neighbor’s driveway. In a matter of seconds, this mobile-hacker can be accessing the Internet using your personal DSL, or worse yet, reading credit card information on your computer system, accessing your company’s accounting records, or even installing a program on your PC in order to later access it over the Internet, even through your firewall.

When I talk with people about wireless security, the most common response I get is “I don’t really have anything I care about a hacker stealing.” However, if you ever type any personal information into an online web page, including passwords, bank account numbers, credit card numbers, or social security numbers, then all of these could be wirelessly “sniffed” or stolen from your computer using a number of different data collection techniques. Hackers use unsecured wireless networks as a great way to cover their tracks when they access much bigger fish, like government and corporate networks. This makes it look like the break-in attempt came from your system! I have also seen spammers sending out email via a computer attached to an unsecured wireless device. This slows down computers and internet connections, and makes them unreliable. The backlash could land your system on a “blacklist” of known spammers.

Businesses should be concerned about trade secrets, financial information, marketing data, and all the other data that’s stored on servers and individual PC’s. Once you connect your network to an unsecured wireless device, you may as well just print out all the data on your network and publish it in the newspaper. I often see “rouge” unsecured wireless access points showing up in the cubicles of employees. Laptops today commonly come with both a wired interface and a wireless interface, and believe it or not, a hacker could use the wireless interface to “bridge” into your network over the wired connection. Businesses should be very concerned about the WiFi devices installed in the homes of telecommuters who access the corporate network remotely. Someone could be breaking into your highly secured California network using an unsecured wireless signal from one of your home-based salespeople in New Jersey.

I hope I’ve made it clear how the issue of unsecured wireless access is an important concern to both homes and businesses. Now, how can you protect yourself? Next month, I’ll talk about some techniques you can use to secure your wireless system.

Rick Dexter is founder and CEO of NDYNAMICS Network Professionals and he lives in Almaden. Dexter has over 25 years of experience designing and supporting computer networks, particularly for small businesses and startups seeking reliable and scalable IT infrastructure. If you have a computer question that you would like to have answered in a future column, e-mail it to computerconnection@ndynamics.com.