Public Wi-Fi use raises hacking risk

ByABC News
August 7, 2007, 2:00 AM

LAS VEGAS -- Laptop road warriors beware: Wi-Fi hot spots that let you hop onto the Internet anywhere you travel leave you wide open to hackers.

"If you're using Wi-Fi in a public place and you're not getting hacked, it's only because there's nobody around bothering to do it," says Robert Graham, CEO of consultancy Errata Security.

Wi-Fi eavesdropping has long been a security concern. Anyone with a Wi-Fi-equipped laptop can download free Wi-Fi monitoring programs. An eavesdropper can sit up to 100 feet away and monitor what you do on the Net, says Rick Farina, security engineer for wireless security firm AirTight Networks.

There are no estimates of how often this happens. No one has ever been arrested for Wi-Fi hacking. But with Wi-Fi now in mainstream use T-Mobile and AT&T supply hot spots at more than 15,000 locations in the USA, and cities such as New York and San Francisco supply free public access points intruders are starting to take advantage, said security experts at recent Black Hat and DefCon security conferences.

Wi-Fi hot-spot hacks "are absolutely taking place," says Tom Brennan, technology risk manager for security consultant Access IT Group. "It's easy to do, and the reward is very high."

Brennan cites an example of a tech systems manager on a lunch break in New York's Bryant Park, who used his laptop via the city's free hot-spot hookup. The manager logged onto his company's network to troubleshoot a computer server. An eavesdropper nabbed his username and password. Later, someone used the information to access the server. "People are on the road using wireless, they get breached, and when they go back into their network, they're owned," Brennan said.