You’re at the airport waiting for your flight. With time to kill, you’re
thinking of connecting your laptop to the airport's Wi-Fi to check your office
e-mail...do some personal banking...or shop for a gift for your spouse.
But first, consider this: odds are there’s a hacker nearby, with his own
laptop, attempting to "eavesdrop" on your computer to obtain personal data that
will provide access to your money or even to your company's sensitive
information.
Here's something else to consider: there are 68,000 Wi-Fi "hot
spots" in the U.S. (see the graphic below for the top Wi-Fi countries),
at airports, coffee shops, hotels, bookstores, schools, and other locations
where hundreds or thousands of people pass through every day. While many of
these hot spots have secure networks, some do not, according to Supervisory
Special Agent Donna Peterson of our Cyber Division. And connecting to an
unsecure network can leave you vulnerable to attacks from hackers.
How do hackers grab your personal data out of thin air?
Agent Peterson said one of the most common types of attack is this: a bogus but
legitimate-looking Wi-Fi network with a strong signal is strategically set up in
a known hot spot...and the hacker waits for nearby laptops to connect to it. At
that point, your computer—and all your sensitive information, including user ID,
passwords, credit card numbers, etc.—basically belongs to the hacker. The
intruder can mine your computer for valuable data, direct you to phony webpages
that look like ones you frequent, and record your every keystroke.
“Another thing to remember,” said Agent Peterson, “is that the connection
between your laptop and the attacker's laptop runs both ways: while he's taking
info from you, you may be unknowingly downloading viruses, worms, and other
malware from him.”
Businesses that offer free or ad-hoc Wi-Fi often don't
know their networks have been breached. Individual victims usually
don't realize they've been targeted either until it's too late. That’s why,
according to Agent Peterson, there aren't reliable stats on the number of these
breaches, although the FBI does periodically receive reports on them. It's also
very tough to trace a hack that originates on an open, unsecure network.
Agent Peterson explained that the criminal aspect comes into play
once data taken by the hacker is used to commit a crime. If the hacker, armed
with your personal or corporate information or access codes, tries to break into
a secured network—whether it’s a case of intrusion, identity theft, bank fraud,
theft of intellectual property, or any other type of crime—then law enforcement
gets involved.
What can you do to protect yourself? Agent’s
Peterson’s best advice is, don’t connect to an unknown Wi-Fi network. But if you
have to, there are some precautions you can take to decrease the
threat:
-
Make sure your laptop security is up to date, with current
versions of your operating system, web browser, firewalls, and antivirus and
anti-spyware software.
-
Don't conduct financial transactions or use applications like
e-mail and instant messaging.
-
Change the default setting on your laptop so you have to
manually select the Wi-Fi network you’re connecting to.
-
Turn off your laptop's Wi-Fi capabilities when you're not using
them.
For more basic information on computer security, see our How to Protect Your
Computer webpage.
