Wi-Fi worry: Laptops at risk of attack

As communities push to turn themselves into massive wireless hot spots, unsuspecting Internet users are giving hackers nearly effortless access to their laptops and private information, authorities and high-tech security experts say.

It's a growing invasion with a twist: People who think they are signing on to the Internet through a wireless hot spot might actually be connecting to a look-alike network, created by a malicious user who can steal sensitive information, said Geoff Bickers, a special agent for the FBI's Los Angeles cyber squad.

It is not clear how many people have been victimized, and few suspects have been charged with Wi-Fi hacking. But Bickers said that over the past couple of years, these hacking techniques have become increasingly common, and they are often undetectable. The risk is especially high at cafes, hotels and airports, busy places with heavy turnover of laptop users, authorities said.

"Wireless is a convenience; that's why people use it," Bickers said. "There's an axiom in the computer world that convenience is the enemy of security. People don't use wireless because they want to be secure. They use wireless because it's easy."

Case sensitive

For Mark Loveless, it was a just a letter that separated security from scam.

Logging on to his hotel's free wireless Internet in San Francisco last month, Loveless had two networks to choose between on his laptop screen — same name, one beginning with a lowercase letter, one with a capital. He chose the latter and, as he had done earlier that day, connected. But this time, a screen popped up asking for his log-in and password.

Loveless, a 46-year-old security analyst from Texas, immediately disconnected. A former hacker, he knew an attack when he saw one, he said.

Many Internet users do not.

About 14.3 million American households use wireless Internet, and this figure is projected to grow to nearly 49 million households by 2010, according to JupiterResearch, which specializes in business-and-technology market research.

"There's literally probably millions of laptops in the U.S. that are configured to join networks named Linksys or D-Link when they are available," said Corey O'Donnell, vice president of marketing for Authentium, a company that provides security software. "So if I'm a hacker, it's as easy as setting up a network with one of those names and waiting for the fish to come."

Linksys and D-Link are two of the many commercial brands of wireless routers, products that allow a user to connect to the Internet using radio frequency.

As the field of wireless connectivity expands, so too does a hacker's playground. More than 300 municipalities across the United States are planning or already operating Wi-Fi service. Google and EarthLink are working to bring wireless access to all of San Francisco.

Area connections

In the Puget Sound area, Wi-Fi hot spots provided by businesses or private enterprises are widely available, but in Seattle, the city has chosen not to go the Wi-Fi route, opting instead to look at deploying Internet access through fiber lines.

A survey at Chicago's O'Hare Airport by Authentium revealed 76 peer-to-peer networks, or access points that are connected to via another user's computer, with 27 advertising access to free Wi-Fi. The company also found three networks had fake or misleading addresses, a sign that these hot spots could be the work of hackers.

"At a busy place like O'Hare, in one hour a bad guy could get 20 laptops to connect to his network and steal the users' account information," said Ray Dickenson, vice president of product management at Authentium, who conducted the survey in September.

Most laptops are configured to search for open wireless points and common wireless names, whether or not the user is trying to get online. That leaves people open to hacking.

In two new attacks, called "evil twin" and "man in the middle," hackers create Wi-Fi access points titled whatever they like, such as "Free Airport Wireless" or an established, commercial name.

In the "evil twin" attack, the user turns on a laptop, which might automatically be trying to connect behind the scenes. When it does connect, it is connecting to a fake access point, or "evil twin," and the hacker gets into personal files, steals passwords or plants a virus.

The attacker can become a "man in the middle" when he funnels the user's Internet connection through this false access point to a true wireless connection. The unsuspecting Wi-Fi surfer then might proceed to enter credit-card information, access e-mail or reveal other sensitive data. Meanwhile, the session appears ordinary to the user.

Although the FBI has been aware of this kind of attack for about five years, its use has increased in the past couple of years, Bickers said.

"The actual tools you need, the software, the hardware, etc., to mount this sort of attack has become insanely easy to acquire," Bickers said.