Written in Pentagon City, Virginia, and sent to TechRepublic from a train to London via wi-fi.
Hacking may have started with loners on a computer in a bedroom but it quickly migrated to team efforts with distributed and colocated groups doing their worst to create mayhem.
The apps and tools they developed soon appeared on websites as early examples of shared software. At first hackers concentrated on real-time access to machines and networks, but then rapidly progressed to viruses and worms, and all the forms of malware that are now so familiar.
Their next move was to go mobile with a laptop to conduct close-up operations. Illegal access via wi-fi and Bluetooth were the most popular routes into LANs, PCs, laptops and cell phones. Again, the apps and tools the hackers developed became openly available to anyone inclined to joined the dark side.
Just how exposed we all are can be quickly gauged by looking at our own wi-fi and Bluetooth panels when in a coffee shop or an airport lounge. It seems that an awful lot of people travel with their shields down, leaving their devices easily addressable.
In the latest phase we now see mobile devices – such as tablets and smartphones – used to carry out attacks on individuals and local networks. Device vulnerability has never been so high and LANs so prone.
Wi-fi linked printers, Bluetooth controllers, lax, disgruntled or frustrated IT staff who install open wi-fi hubs, and those who unknowingly, or unthinking, walk about with devices in an open-access mode are all vulnerable – and all pose significant threats.
But on top of all these weak spots, we also present low-tech opportunities to the hacker. These include: shoulder-surfing; medium-range screen capture using a camera; listening into verbal conversations; directly observing keystrokes; leaving machines and devices unattended while we visit the facilities or buy a coffee; using local wi-fi linked printers; and connecting our various devices by wi-fi.
So what can we do?
- Keep wi-fi and Bluetooth switched off when not in use.
- Use our devices in invisible, private or undiscoverable mode.
- Use good security software.
- Keep all software up to date – that includes the operating system, apps, and utilities.
- Monitor for all connection attempts.
- Be watchful – who is next to us and who may be watching?
- Monitor for the latest security info and updates.
Of course, we shouldn’t get paranoid about all these threats because they are manageable. But we all have to recognise the risk and we all need to improve our awareness and our IT habits to confound the enemy.