Hackers Lurk Through Holes in Hot Spots

Wireless networks aren’t just popular with computer users on the go. Hackers are finding them an easy target to snoop on consumers’ laptop PCs and, eventually, their employers’ networks.

Digital intruders are piercing defenseless air space at corporations, public WiFi hot spots and homes to gain illegal entry to computers. About 90% of mobile devices lack protection, says market researcher Gartner.

“All the money you’ve spent to protect your corporate network is moot if someone hacks your laptop at a wireless access point,” says Joshua Wright, deputy director of training at computer-security firm SANS Institute.

The growing popularity of public WiFi hot spots — up to 30 million people will use them this year, vs. 9.3 million last year, says Gartner — is vexing for companies that want to take advantage of mobile technology without being burned by hackers and viruses. More than half of work-related laptops will have wireless capability by the end of the year, Gartner says.

WiFi, or wireless Internet, sends Web pages via radio waves. Hot spots are an area within range of a WiFi antenna.

The rise in wireless hacking attacks and viruses has led to what security experts call wireless transmitted diseases. Don LeBeau, CEO of security firm Aruba Wireless Networks, says at least one Silicon Valley company suspected it was the target of corporate espionage when it found an unauthorized device establishing a hot spot tucked away in a conference room.

Many hot spots do not require passwords. That lets anyone with a wireless connection and hacking know-how hop aboard the network and filch business files, credit card numbers and other confidential information.

Computers used at wireless access points often don’t have intrusion-detection devices and are unwittingly broadcasting the network they are part of to hackers. When a PC is infiltrated, that puts the entire organization at risk, analysts say. “Most individuals and networks [wouldn’t] even detect the entry,” said John Girard, research vice president at Gartner.

Wireless security risks are forcing companies to protect their air space with anti-hacking technology and to adopt policies on WiFi use. “Wireless is happening. They can’t bury their heads in the sand,” says Shai Guday, group program manager for wireless at Microsoft.

Others are opting to avoid wireless communications altogether. Market researcher Telephia installed equipment from Aruba Wireless Networks to detect and eliminate unauthorized wireless PC use within its San Francisco office. It might eventually use a wireless network, says Jason Fuchs, director of information technology. “Wireless is great, but security is more important,” he says.