THE BLOG
06/04/2013 10:30 am ET Updated Aug 04, 2013

Airborne WIFI Not So Safe

Co-authored with Dr. Stephen Bryen

More than a few years ago a good friend and colleague of mine, who was a senior Vice President of a European telecom business, told me that he spent more than a little time flying back and forth from London to Paris. Harry -- his first name -- said it was the best flight ever and he jumped at the chance to go from capital to capital. Why? I asked. Because, Harry said, if you sit yourself more or less in the middle of the crowd you can get more business intelligence in forty five minutes than you can gather in a year from other sources. "It was as if the horse's mouth was next to you, and all you had to do was sit and smile," said Harry.

Alas, Harry passed away a decade ago so he no longer can take the London-Paris-London shuttle. But thousands of people do take shuttles and short flights, on well-worn business corridors. And more and more, as they fly they are offered at no charge, or for only a few dollars, the chance to use their laptops or iPads with onboard WIFI. Connect with WIFI and its like you never left the office. While it would seem easy to resist, since the flights often are brief, people like connectivity, and anyway it makes them feel functional, wanted and important.

All of this is very nice, but is there a Harry on board? There is a good chance he is there.

A modern Harry does not sit in the middle of the crowd and smile. Instead, when you see him you will think he is the airline's WIFI hookup. It will offer a strong WIFI signal, and let you get online lickedy split.

Problem is, maybe you did not connected to the airline WIFI at all. You connected to an interloper, a ghost, a fake. These used to lurk around airports. According to a BBB report, in 2008 there were 20 ad hoc hotspots at Chicago's O'Hare International Airport used by hackers to obtain information from computers and networks.

But now, thanks to smartphones, hackers can be airborne. For the price of a cheap ticket, they can pick off information from computers and iPads (and tablets) and later figure out what is important and what can be discarded.

Why kind of information? Important documents, critical emails, customer lists, passwords -- just to point to a few obvious hacking opportunity. How interesting is the stuff collected? There is business intelligence, personal information, here and there a scandal or two, and inside information that can be sold to competitors or passed off to unscrupulous journalists or even to foreign governments.

What can you do to protect yourself? First of all, avoid using public WIFI unless you absolutely must connect. It may be pleasant to use, but the danger of compromise is always there.

If you must use a public WIFI channel, make sure it is an authorized one and not a fake. Before you connect see what networks are available. If there is more than one that "looks like" the airline you are on, you probably cannot tell the real one from the fake. Turn your machine off, and have a drink (orange juice, of course).

If you still can't resist, use an alternative "clean" email client to send and receive mail. This will help protect your email archive if someone is gunning for it. If you have sensitive files on your machine, encrypt them, so if they are stolen they won't be worth much to a hacker. Never store passwords on your computer in any way, shape or form.

Keep in mind that stealing information is a big business, and hackers are everywhere. Most of them are professional. Some are foreign government sponsored. Some are sophisticated criminal organizations with significant resources. Don't forget criminals cooperate with governments, so they can be one and the same.

Never think that your are safe because you operate "below the radar" or you are not important enough to be exploited by a hacker. There isn't any radar anymore. What information you have may be useful to a hacker or a hacker organization, or it will provide leads to your colleagues or friends.

Next time you fly, think about flying Cyber Secure.