Archive for September, 2010

Wi-Fi Security. Dangers Of The New Era.

Tuesday, September 28th, 2010

Easy access to the Internet is becoming headily popular all over the world, being therewith extremely insecure. Our company has prepared a list of rules and recommendations concerning Wi-Fi security and computers protection from virus software while working via open Wi-Fi access points.

It’s summer. More and more people prefer to work in the open air instead of sitting in stuffy offices. At times you can see many people in a city park relaxing on a bench, by a fountain together with a laptop.

Your confidential information is in danger.

Your confidential information is in danger.

And, actually, it does not matter what exactly they are doing – working with the e-mail or your internet-banking, uploading pictures, using blogs or simply surfing the web.

All of them are connected to the Internet using Wi-Fi access. Every day more and more hotspots become available to users and practically every large city offers such access points.

From the perspective of any software developer who deals with information security issues, there is no secure access to the Internet in the street. Wi-Fi architecture cannot boast of any real security whereas the encryption and access isolation algorithms used here possess weak cryptographic strength and can be easily cracked.

According to the recent ABI Research the number of Wi-Fi hotspots all over the world is steadily growing.

Free Wi-Fi Hotspots number is rapdily growing.

The number of free Wi-Fi Hotspots is rapidly growing.

According to 2008 research results, the largest number of hotspots was found in Europe. For several consecutive years the UK has been the leader in the total amount of hotspots.

The most significant growth in the number of hotspots was recorded in France, Germany and Russia. Today we can easily say that open Wi-Fi access technology exists almost in every major city in Europe and even in the Middle East.

The leading computer security specialists believe that one of the worst types of the threat is the so-called “man in the middle” attack.

This expression is frequently used in cryptography and describes a situation when an intruder can read and modify messages of other correspondents so that neither of the parties will notice the presence of the intruder.

”An attacker may be connected to the same network, is able to constantly control your Internet connection and replace Internet-pages waiting for the moment when you give him your confidential information into his hands”.

Anti-virus researchers add:

”No matter what goals you pursue connecting to the insecure Wi-Fi network, we advise you to use only the protected HTTPS protocol to access the webmail. We highly recommend to avoid using the sites which require personal data entry, such as Internet-banking service.”

It’s not that hard to protect yourself from undesired consequences as it may seem. You should simply introduce a set of changes to your software security policy.

There are several principal security threats while using free Wi-Fi hotspots:

  • The possibility to intercept your personal data which you enter to access various servers, payment systems or bank terminals. The networks set up by hackers resemble legitimate Wi-Fi free access points.
  • An attack of a computer connected to the same hotspot with the help of an unknown malware, which is absent in virus signatures’ base.
  • Sniffing – the interception and analysis of your Internet traffic by attackers may lead to the loss of confidential information.
  • Data leakage through the “man-in-the-middle-attack”.

smarthide_logoBy means of practicing the simple rules below you can prevent such attacks and ensure your Wi-Fi security:

  • Use SmartHide technology to connect to the Internet. It’s best to access the web through SmartHide tunnel set up in your network.
  • Use only secure protocols, such as HTTPS and POP3s to access the e-mail.
  • Disable confidential and personal data transfer through protocols which are not protected by secure data encryption algorithms.
  • Avoid using Internet-banking through public Wi-Fi networks unless you are under SmartHide Service potection.
  • Make sure that you’ve set up the firewall and antivirus software to block the incoming traffic, updated the virus signatures’ base and activated the extended heuristic analysis mode.