Protecting Your Passwords and Confidential Information
We all know how important a password can be. This is especially true when that password is used on multiple systems. In my past articles I have talked about how to protect one’s passwords from compromised machines that could have Trojans installed on them.
There are however many more risks to this.
Wireless access points:
We’ve all been at an airport waiting for hours for our connecting flight. In most cases we have laptops, PDAs or even mobile phones that can connect wirelessly to the internet, provided we find an access point to use. Sometimes you find a paid service that allows you to access cyberspace, whilst other times you hit the jackpot and find a free access point. The same happens at bars and restaurants, but what’s the implication of this? The truth is that you do not really know what you’re connecting to! It could very easily be a malicious person sitting nearby with his laptop, providing an open access point in order to sniff everything that passes through his proxy.
Even with paid services, one isn’t necessarily safe. It might be a scheme to get your credit card details. All it takes is a small PDA in someone’s hand luggage, or a laptop in front of a casual-looking person doing whatever, while his machine waits to capture the credit card details entered by a victim who believes that he’s buying wireless access from some major vendor, only to be told that the transaction failed. No big deal: when he checks the balance he will not have been charged, that is, until his stolen credit card is used. That, however, is likely to happen months later, and even if you remember this particular incident and make the connection, you’re surely not going to remember the face of every person with a laptop at the airport on that day!
Even at shops, bars and restaurants you don’t really know what’s happening to your data as you surf away. It might be that some employee at that establishment is logging all traffic going through its network. It’s quite likely that a bar providing free internet access will not monitor its systems closely, so the network might have been compromised and a malicious hacker could be monitoring everything that goes through it. It might also not be the bar’s wireless network at all; maybe it’s the hacker next door who has set up an open relay, exploiting his optimum location close to a bar to spy on anyone who happens to connect to his system.
In any case it is essential to keep in mind that whenever you log in to a wireless access point that you do not control, you are taking a security risk.
Internet Café:
With internet cafés it’s mostly the same story as with the wireless access points above. While it is less likely that the establishment is spying on you intentionally, it is quite possible that someone who used the system before you managed to compromise it and install key loggers or Trojans to monitor whatever you will be doing.
Satellite:
In this modern age satellites are being used for everything, from television to radio, positioning data and even providing internet access to remote areas. In most cases satellite internet is pretty fast, and its only technical drawbacks are latency and the need for some way to send data upstream. There is, however, a pretty nasty security issue with it as well. Wireless sniffing has made it easier to penetrate networks by allowing people to gain access to your network connection by proximity, instead of needing either physical access to the wire or a point between you and the destination. Satellite makes the situation worse because whatever you access through a satellite connection is transmitted to everyone in a geographical range the size of a continent! Anyone with a satellite dish can sniff any satellite transmission (some are encrypted but the majority are not and there is a technical reason for this) and they do this from the comfort of their home without any risk whatsoever.
Workplace:
This one is probably the least obvious. Your passwords are at risk on your work network as well. If a disgruntled employee is running a sniffer on his machine, it is possible that he might sniff passwords or confidential information traveling along the network. The amount he can capture could vary depending on the network topology and infrastructure. We already discussed in a previous article how it is possible to sniff printouts, which can then be replayed to any printer and reprinted. Passwords, confidential emails, confidential documents and even chats can provide a wealth of information that in some cases could be valuable to a disgruntled employee who might want to get back at his employer.
What to do about it?
Now that we’re aware of the risks, what can we do about them? There is no straight answer for this. The best thing is to not access any confidential data on an open connection such as wireless or satellite. Use systems that require authentication only if the connection is encrypted. Internet cafés are another story; here encryption does not provide enough security. It is quite possible that the machines have key loggers installed, in which case encryption will not protect your passwords at all. It might be safer to connect your own laptop whenever this is allowed, although that carries another risk: it might open you up to virus attacks, since some machines on the network might be infected. Ultimately one must always be aware of security threats and avoid any potentially harmful scenarios wherever possible.
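As an added illustration of the "authenticate only over an encrypted connection" rule above (this is not code from the original article): a small Python check that reports, for every form on a page that contains a password field, where it would be submitted and whether that destination uses HTTPS. The `portal.example` URLs and the HTML are constructed sample input.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

class LoginFormAudit(HTMLParser):
    """Collect where each form containing a password field would be sent."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.current = None      # form currently being parsed, if any
        self.findings = []       # (target_url, encrypted) per password form

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            # An empty or missing action submits back to the page's own URL.
            self.current = {"targets": [urljoin(self.page_url, a.get("action") or "")],
                            "password": False}
        elif self.current is not None:
            if tag == "input" and (a.get("type") or "").lower() == "password":
                self.current["password"] = True
            # A submit control can override the destination with formaction.
            if tag in ("input", "button") and a.get("formaction"):
                self.current["targets"].append(urljoin(self.page_url, a["formaction"]))

    def handle_endtag(self, tag):
        if tag == "form" and self.current is not None:
            if self.current["password"]:
                for t in self.current["targets"]:
                    self.findings.append((t, urlparse(t).scheme == "https"))
            self.current = None

def audit(page_url, html):
    """Return [(submit_url, is_https)] for every form with a password field."""
    parser = LoginFormAudit(page_url)
    parser.feed(html)
    return parser.findings

# Constructed sample: a page loaded over HTTPS whose login form posts to HTTP.
SAMPLE = """
<form action="http://portal.example/login" method="post">
  <input name="user"><input type="password" name="pw">
  <button formaction="/secure-login">Sign in</button>
</form>
<form action="/search"><input name="q"></form>
"""
if __name__ == "__main__":
    for target, encrypted in audit("https://portal.example/", SAMPLE):
        print("OK  " if encrypted else "RISK", target)
```

A clean result only covers the form's destination: a login page that was itself loaded over plain HTTP can be altered in transit, and no transport check helps against a key logger on the machine you are typing on.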