BEWARE HOTSPOT HACKER ATTACKS

Going online these days exposes your PC to all kinds of cyber-nasties such as viruses and spyware. To combat them, we use anti-virus and anti-spyware software. You also can subject yourself to a wide variety of hacker attacks that try to access your computer. These kinds of attacks try to steal your passwords, credit card numbers, banking information and any other kind of sensitive information you may have stored on your computer's hard drive.
For those problems, we install firewalls that hopefully let only the good data come in. That's all well and good when you're using your computer at home or at the office. But what about when you take your portable computer to a Hotspot?

Hotspots are venues that offer wireless access to the Internet. Typical public Hotspots include libraries, airports and other commercial locations such as restaurants and coffee houses like Starbucks. It turns out that when you go wireless, accessing the data to and from your computer is even easier to get than it is when you are directly wired to a network. After all, it's being transmitted out over the open air so it's readily accessible to anyone who knows how to reach out and grab it.

One example of how hackers get your wireless data is via an "Evil Twin."
Say you're about to log onto your local Starbucks' T-Mobile connection to gain access to the Internet. Nearby, an attacker with an ordinary laptop running special software can interfere with the Hotspot's legitimate network connection by sending a stronger signal from a base station positioned close to the wireless client (Starbucks) thus turning the fake access point into a so-called Evil Twin. You see a website that looks identical to the legitimate T-Mobile logon screen you normally see, asking for your user name, password or a credit card number. But in fact, you are really logged onto the Evil Twin website. So when you enter in your account information, everything is being captured by the bad guys.

Some of the more simplistic Evil Twin sites will just say that the service is temporarily down and to try again later. You leave never suspecting that your sensitive information has already been captured and stolen. More sophisticated Evil Twin sites may actually supply you with Internet access so that wherever you go, everything you type and receive is also being intercepted and stolen. And you may never be the wiser until it's too late.
So what do you do?

On Computer America, I recently interviewed Richard Rushing, the Chief Security Officer for AirDefense. The company makes AirDefense Personal, an end-user software agent that protects users of Hotspots and other networks from wireless risks that could expose private data and transactions. His advice is to never give out proprietary information while using a Hotspot.  Just surf the net for casual purposes. Never use anything that requires a password or access anything that you wouldn't want anyone else to know. The other thing you can do is use AirDefense Personal. The software is specially designed to first help reconfigure your computer's operating system so that is less susceptible to hacker attacks. For example, it disables Bluetooth, and turns off bridging and ad hoc modes.

AirDefense Personal checks for a variety of suspicious behaviors such as an unusually high amount of wireless data transmitted compared to what you ordinarily transmit. And best of all, AirDefense Personal is free. The company bills it as their lite version but according to Rushing, the only other thing added to their full version is useful only to enterprise environments. So for the single average user, the lite version is all you'll need. Currently in its version 2.0 release, AirDefense Personal can be downloaded from the company's website at www.airdefense.net

So go ahead and enjoy the convenience of being able to wirelessly access the Internet. Just make sure that you use some common sense, a dash of caution and AirDefense Personal. With these precautions in mind, you'll be more inclined to stay cool at your Hotspot.