[ISN] Security scare for business laptops

[InfoSec News]

http://news.ft.com/servlet/ContentServer?pagename=FT.com/StoryFT/FullStory&c=StoryFT&cid=1079420167575&p=1012571727085

By Chris Nuttall in London 
Published: April 5 2004  

Business travellers are unwittingly making company secrets available 
to rivals by ignoring the risks of local wireless networks, known as 
wi-fi hotspots, security experts warn.

IT security experts who have carried out checks at hotels, railway 
stations and other public places equipped with wireless internet 
access technology have found the networks and users' computers are 
often insecure. "It's actually happening: there is competitive 
intelligence being gathered," said Richard Hollis, chief executive of 
Orthus, a security firm.

Hackers - who need little specialist knowledge - can access contents 
of a rival's laptop because other users' files are visible to anybody 
using an unsecured wireless network. Hackers are also using wi-fi 
hotspots to store their files on other computers.

"I'm walking into corporations and commercial hotspots that are 
finding things on their networks that they didn't put there and it's 
scaring the hell out of them. What if someone used such a network to 
store paedophile images or to attack a bank? The company would be 
liable," said Mr Hollis.

Nevertheless, wi-fi is an "incredibly securable technology", Mr Hollis 
insists. Users need only disable file-sharing on their laptops and 
install a firewall to prevent them being hijacked.

In the UK the Institute of Directors, which provides free wi-fi access 
to members from different companies using its premises, says it has 
not suffered any major incidents but is "aware of the major security 
issues."

Broadreach Networks, which provides wi-fi hotspots, says its equipment 
has firewalls that prevent hackers seeing any other machines connected 
to the hotspot.

But Magnus McEwen-King, chief executive, said: "Not all networks have 
done this to prevent hackers getting access."