October 17, 2008
Trick or Treat: What lurks beneath a Public Access Point?
They are everywhere from Airports to Starbucks, at every corner, users have access to complementary
free internet. But have you ever wondered what lurks beneath those innocent hotspots?
Companies spend thousands on security every year, fortifying the corporate network
against a variety of security threats. However what happens when company laptops leave
the snugness of the corporate network and connect to free public hotspots?
So
if it’s risky, why do we use them?
With
globalization at its peak, employees sometimes are forced travel on behalf of organization.
Most likely these employees bring along their laptops so they can be productive while
they are away. And because “Free” wireless internet can be found almost in every corner,
employees probably take advantage of these opportunities to read the latest news,
check corporate email, log in to the company’s VPN
or simply check online agendas. Many employees think that these free internet connections
are as secure as their corporate networks, causing them to ignore basic security measures,
making them vulnerable to a series of security threats.
What
are the risks?
Generally
public hotspots lack any sort of security measures or mechanisms, making it possible
for other people using the same wireless connection to intercept sensitive information
sent across the Internet. There is a broad range of existing security threats which
can be lurking under these hotspots, such as:
- Sensitive
information that is not encrypted, or that is encrypted with poor cryptographic algorithms,
which are transmitted between two wireless devices may be intercepted and disclosed. - Attackers
may capture employee’s usernames and passwords, and later on using it to gain access
to the corporate network. - Attackers
may deploy unauthorized wireless equipment, also known as “Evil Twins” to lure laptop
users to use their “Spoofed access point”, capturing users every move. - Attackers
may alter the access point’s DNS, causing it to relay to name resolution requests
to cache poisoned DNS server, providing users spoofed websites full of key logging
applications. - Sensitive
corporate data may be extracted without detection from improperly configured devices.
- Attackers
may, through wireless connections, exploit a VPN split tunneling connection, connecting
to organizations with the purposes of launching attacks and or stealing sensitive
corporate information.
How
to protect yourself?
There
are a few things one can do to minimize their risk and exposure on public hotspots.
The main thing to keep in mind is that security is not a product or software, but
yes a process.
- Before
connecting to any public network, look around and locate a sign that advertises the
network you are connecting to and verify that the network name is the same as the
advertised connection.
- Disable
your wireless card if you’re not planning to connect to the Web or another machine.
It will protect you from intrusion and save your battery life. - Beware
of the information you share in public locations. Even innocent logins to Web-mail
accounts could give hackers access to sensitive information, since most people utilize
the same password for almost all online activities. - Utilize
a VPN whenever possible to encrypt your data, and stronger tools if you need to conduct
secure transactions. - Turn
off your laptop’s shared folders. If you join a compromised access point, a hacker
could easily load spyware agent to follow you even after you leave the public location. - Make
sure your laptop is properly patched with the latest security and OS patches. Use
security mechanisms such as disk encryption, firewalls and any sort of IPS or IDS
system. - Set
up email forwarding to a disposable address that you only access using public hotspots.
That way, even if an attacker gets access to that email account, he or she can’t access
the primary account.
For more
information on wireless security visit: http://www.sans.org/reading_room/whitepapers/wireless/1629.php