The executive, a man in his 50s running a medium-sized Central Florida business, was excited about his brand-spankin’-new Apple MacBook laptop -- he loved it! He envisioned himself using the MacBook throughout his office’s open layout and large conference room, and didn’t want to be tied to his desk for Internet access.
He asked his company’s outsourced IT team if they offered wireless connectivity. They did not, and suggested he visit an office supply store to buy an off-the-shelf wireless router. They assured him he could set it up himself, no worries.
So he did. He bought a Linksys wireless router for about $60 and plugged it into the network jack at his desk. Now he could surf the Internet and work from anywhere in the office. And since he used it right out of the box, no wireless or security settings had to be setup on his laptop. It just worked!
A few days later he realized his Internet connection was running slow. He thought it was just his ISP and ignored it. But when the lag continued for days he got suspicious and called in a security expert to assess the situation.
What did they find? Someone connected to the wireless connection and was sitting on the local network -- as if they had a computer in the office, but were probably sitting in the parking lot. They had "sniffed," or captured, all of the wireless traffic to and from the Linksys router.
And what did that traffic tell the interloper? Password to access the company’s accounting and file server. They had logged into the server and were sending all of the files to a server in Asia. It was like someone was photocopying sensitive documents and carrying them out of the office in the middle of the day!
Since the hackers were good at what the do, they left no trail. And to this day our executive isn’t really sure what was taken and what was not.
Moral of the story? Wireless is good, but it MUST be set up correctly, with security and control parameters. Otherwise, someone in Asia, Africa, or Albuquerque might use your credit cards to go shopping!
