YOU ARE HERE: LAT HomeCollections

Ensnared on the wireless Web

Hackers' latest tactic to steal information is setting up fake hotspots that users unwittingly use to access Internet.

March 16, 2007|Tami Abdollah | Times Staff Writer

As Los Angeles and hundreds of other communities push to turn themselves into massive wireless hotspots, unsuspecting Internet users are stumbling onto hacker turf, giving computer thieves nearly effortless access to their laptops and private information, authorities and high-tech security experts say.

It's an invasion with a twist: People who think they are signing on to the Internet through a wireless hotspot might actually be connecting to a look-alike network, created by a malicious user who can steal sensitive information, said Geoff Bickers, a special agent for the FBI's Los Angeles cyber squad.

It is not clear how many people have been victimized, and few suspects have been charged with Wi-Fi hacking. But Bickers said that over the last couple of years, these hacking techniques have become increasingly common, and are often undetectable. The risk is especially high at cafes, hotels and airports, busy places with heavy turnover of laptop users, authorities said.

"Wireless is a convenience, that's why people use it," Bickers said. "There's an axiom in the computer world that convenience is the enemy of security. People don't use wireless because they want to be secure. They use wireless because it's easy."

For Mark Loveless, just one letter separated security from scam.

Logging on to his hotel's free wireless Internet in San Francisco last month, Loveless had two networks to choose between on his laptop screen -- same name, one beginning with a lowercase letter, one with a capital. He chose the latter and, as he had done earlier that day, connected. But this time, a screen popped up asking for his log-in and password.

Loveless, a 46-year-old security analyst from Texas, immediately disconnected. A former hacker, he knew an attack when he saw one, he said.

Most Internet users do not.

About 14.3 million American households use wireless Internet, and this figure is projected to grow to nearly 49 million households by 2010, according to JupiterResearch, which specializes in business and technology market research.

"There's literally probably millions of laptops in the U.S. that are configured to join networks named Linksys or D-Link when they are available," said Corey O'Donnell, vice president of marketing for Authentium, a company that provides security software. "So if I'm a hacker, it's as easy as setting up a network with one of those names and waiting for the fish to come."

Linksys and D-Link are two of the many commercial brands of wireless routers, products that allow a user to connect to the Internet using radio frequency.

As the field of wireless connectivity expands, so too does a hacker's playground. More than 300 municipalities across the country are planning or already operating Wi-Fi service.

Los Angeles Mayor Antonio Villaraigosa last month announced plans for citywide Wi-Fi in 2009. USC already offers free wireless, and by the end of March, Los Angeles International Airport will officially offer wireless at all its terminals under a new contract with T-Mobile.

Some airlines already offer Wi-Fi at LAX. "There are no signs for any service at all, so if any passenger is accessing a free wireless service ... they should be cautious," said Nancy Castles, an airport spokeswoman.

A survey at Chicago's O'Hare Airport by Authentium revealed 76 peer-to-peer networks, or access points that are connected to via another user's computer, with 27 of them advertising access to free Wi-Fi -- a trademarked term for the technical specifications of wireless local area network operation. The company also found that three of the networks had fake or misleading addresses, one sign the hotspots could be hackers.

"At a busy place like O'Hare, in one hour a bad guy could get 20 laptops to connect to his network and steal the users' account information," said Ray Dickenson, vice president of product management at Authentium, who conducted the survey last September.

Corporate networks are sometimes the most vulnerable, as employers push for a more mobile workforce without always educating its users on the security risks of wireless Internet.

Many workers rely on corporate firewalls in the office and an automatic default network setting that links them to their corporate networks. Outside the office, the firewall is no longer in place. That means the computer is unprotected. Once hackers have "got a toehold in a network, it's pretty much game over," Bickers said.

Most laptops are configured to search for open wireless points and common wireless names, whether or not the user is trying to get online. That leaves people open to hacking.

In two new attacks, called "evil twin" and "man in the middle," hackers create Wi-Fi access points titled whatever they like, such as "Free Airport Wireless" or an established, commercial name.

Los Angeles Times Articles