New Hampshire Bar Association
About the Bar
For Members
For the Public
Legal Links
Publications
Newsroom
Online Store
Vendor Directory
NH Bar Foundation
Judicial Branch
NHMCLE

A confidential, independent resource for NH lawyers, judges and law students.

Visit the NH Bar Association's Lawyer Referral Service (LRS) website for information about how our trained staff can help you find an attorney who is right for you.
New Hampshire Bar Association
Lawyer Referral Service Law Related Education NHBA CLE NHBA Insurance Agency
MyNHBar
Member Login
Member Portal
Casemaker

Bar News - May 9, 2008


Who’s Using Your Wi-Fi Network? The Risk of Surfing Unsecured

By:

In today’s tech-oriented world, where cell phones have become a staple and PDAs, laptops and multi-task devices are saturating the communications market, the number of wireless Internet connections and wireless computer networks is exploding. And cyber-criminals are exploiting the new territory.

Attorneys have a special duty to be wary. Ronald L. Weikers, an attorney for Manchester firm Weikers & Co., says that to operate wireless networks without proper security measures is a breach of Rule 1.6 of the NH Rules of Professional Conduct, which states that any information passed between a client and attorney is confidential in nature.

And maintaining that confidentiality and security is becoming harder as more and more professionals make the transition to wireless devices, says Melissa K. Royer, principal of Defender Data Recovery and Forensics Services in Manchester.

"We live in a target-rich environment; the gadgets are out there in abundance," says Royer. "Everyone has them, but they don’t all have the knowledge of how to make them secure."

Wireless – Wi-Fi – devices operate on wireless networks – any system with a data signal transmitter and one or more data signal receivers – and link back to a hard-wired base, such as a home computer or office computer network.

If these networks are not properly secured, says Royer, any person with a wireless device can access not only your Internet connection, but your computer as well.

Weikers agrees, saying that despite the freedom offered by wireless networks, they can be used for more nefarious purposes by hackers looking for a free ride.

"Access to your network may provide these people with an anonymous link to the rest of the world from which they can conduct their illegal operations," says Weikers.

This, Weikers says, is how spammers – those that send mass junk email – often float under the radar of security systems. Spammers, Weiker says, find unsecured wireless connections and use them to pump enormous levels of information into the public data stream, vastly slowing down and clogging the host’s Internet connection and computer network.

Hackers also use unsecured wireless networks as a way to hack into other computers.

"Hackers don’t use your connection because it’s free," says Weikers. "They use it because it’s untraceable."

While the connection may be untraceable to the hacker, it is most definitely traceable to the source network owner. This means that the owner of a network that is used for criminal activity may be liable, regardless of whether or not he or she knew that the connection was being used illegally.

In fact, according to a March 18 article in the Concord Monitor, a Concord woman was arrested for possession of child pornography, which police found during a "wide-ranging cyber-crime investigation." The woman claims that the images were not hers and her attorney in the case, which is still pending, says that either the computer was used by someone else who downloaded the photos or the woman downloaded them accidentally from a file-sharing website.

More importantly, it’s possible for hackers to use your computer network as an access point to the rest of the Web. Weikers says that it’s not uncommon for hackers to use unsecured networks as a jumping-off point for their crimes.

"You may simultaneously be the first victim and the one liable for the crime," said Weikers. "If a hacker uses your computer to hack into a corporate network to steal credit card information, then you may be considered civilly liable for damages since you didn’t have adequate security protections on your network."

This can be seen in 2005’s hack of TJX Company’s computer system, where perpetrators stole the credit card information of more than 45 million customers. TJX Co., owners of the TJ Maxx chain of department stores, recently settled a civil lawsuit out-of-court for an undisclosed amount after banking companies filed suit against the company for reparations of costs incurred during the reissuing of millions of bankcards.

"You can be the victim and also be liable," says Weikers, "especially if your computers are used to attack a final victim who in turn suffers heavy losses."

Now, the average attorney may not be handling tens-of-millions of dollars worth of accounts, but experts say the lesson should not be lost: Information is valuable; any information. Attorneys and firms shouldn’t wait until their data and information is compromised to step-up security.

Prevention and Protection

Following are some ways that experts say can help prevent hackers from using your network to commit crimes and can also prevent the theft of sensitive information:

Turn off file/printer sharing – This stops other computers on your network from being able to freely access data on your computer. Visit www.microsoft.com or www.apple.com and search file-print sharing for more information.

Turn on your firewall – Make sure that the firewall software that comes with your computer is turned on and up-to-date. You can set these programs to automatically authorize and deny access from other computers. Visit the operating system’s website to learn about updates that may be available.

Turn off your wireless card when it’s not in use – Just because you’re not using the Internet doesn’t mean your computer isn’t. Turn off your wireless card when it’s not in use to prevent people from accessing your computer or connection.

Password protect your data – Password protecting your computer and individual files stops people who may otherwise break through other security measures and protects your most sensitive data.

Use encryption software – Encryption software, which can be purchased or downloaded for free from some educational organizations, codes all information that is sent via email, so that even if a hacker or bystander receives the information, it is meaningless without a decryption code.

For more information or to send additional helpful hints, contact Craig Sander at csander@nhbar.org.

Your New Hampshire resource for professional investigative services since 2005.

Home | About the Bar | For Members | For the Public | Legal Links | Publications | Online Store
Lawyer Referral Service | Law-Related Education | NHBA•CLE | NHBA Insurance Agency | NHMCLE
Search | Calendar

New Hampshire Bar Association
2 Pillsbury Street, Suite 300, Concord NH 03301
phone: (603) 224-6942 fax: (603) 224-2910
email: NHBAinfo@nhbar.org
© NH Bar Association Disclaimer