[ISN] Security scare for business laptops

From: InfoSec News (isn@private)
Date: Tue Apr 06 2004 - 07:08:25 PDT

Next message: InfoSec News: "[ISN] EPA improves security compliance"

Previous message: InfoSec News: "[ISN] Linux Security Week - April 5th 2004"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://news.ft.com/servlet/ContentServer?pagename=FT.com/StoryFT/FullStory&c=StoryFT&cid=1079420167575&p=1012571727085

By Chris Nuttall in London
Published: April 5 2004

Business travellers are unwittingly making company secrets available
to rivals by ignoring the risks of local wireless networks, known as
wi-fi hotspots, security experts warn.

IT security experts who have carried out checks at hotels, railway
stations and other public places equipped with wireless internet
access technology have found the networks and users' computers are
often insecure. "It's actually happening: there is competitive
intelligence being gathered," said Richard Hollis, chief executive of
Orthus, a security firm.

Hackers - who need little specialist knowledge - can access contents
of a rival's laptop because other users' files are visible to anybody
using an unsecured wireless network. Hackers are also using wi-fi
hotspots to store their files on other computers.

"I'm walking into corporations and commercial hotspots that are
finding things on their networks that they didn't put there and it's
scaring the hell out of them. What if someone used such a network to
store paedophile images or to attack a bank? The company would be
liable," said Mr Hollis.

Nevertheless, wi-fi is an "incredibly securable technology", Mr Hollis
insists. Users need only disable file-sharing on their laptops and
install a firewall to prevent them being hijacked.

In the UK the Institute of Directors, which provides free wi-fi access
to members from different companies using its premises, says it has
not suffered any major incidents but is "aware of the major security
issues."

Broadreach Networks, which provides wi-fi hotspots, says its equipment
has firewalls that prevent hackers seeing any other machines connected
to the hotspot.

But Magnus McEwen-King, chief executive, said: "Not all networks have
done this to prevent hackers getting access."

_________________________________________
ISN mailing list
Sponsored by: OSVDB.org

Next message: InfoSec News: "[ISN] EPA improves security compliance"
Previous message: InfoSec News: "[ISN] Linux Security Week - April 5th 2004"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Apr 06 2004 - 09:47:20 PDT