Bermudian homes and businesses who do not secure wireless access are leaving themselves vulnerable to hackers who could get free Internet use and steal or destroy data.

An informal survey along the streets of central Hamilton spotted 90 different wireless networks in under an hour of which only 40 percent used encryption for privacy and nearly 30 percent were still using default settings - presenting an easy target for possible attack.

The survey, conducted by local IT security company QuoVadis, showed wireless use had increased by 50 percent compared to a similar survey in the same radius a year ago.

According to Walter Cooke, chief security officer of QuoVadis: “Hackers on the Internet require special skills and tools to pry into your computers”.

“By contrast, a poorly installed wireless network can allow an unauthorised user to pick up the network from the street with a simple laptop,” Mr. Cooke explained. “Once online, they can piggyback on your Internet access, browse your files, or even send spam.

“Wireless networks are very useful both at work and at home - our goal is not to scare people away, but to ensure that Bermuda's wireless users take the time to protect themselves against unintended risks,” he added.

A previous survey identified an international business which could be hacked into by someone sitting in the Robin Hood pub and several medical institutions in Point Finger Road whose patient records could have been easily viewed.

The study is part of the World Wide War Drive, a global effort to highlight the need for better security on 802.11 wireless networks.

“War driving” is the act of locating and logging wireless access points from public areas on the street. The QuoVadis survey showed just how easy it is: the team drove through the streets of Hamilton armed with a standard laptop, wireless card and special audit software that noted security information about the networks it encountered.

The networks weren't hard to locate - they broadcast their presence loudly and clearly. Each time the laptop found a network, it tried to do what its manufacturer intended: connect and start working. People wanting to avoid hacking are encouraged to take advantage of the WEP (wireless encryption protocol) that is built into all wireless devices, to change the default settings on their equipment, and to select a random service set identifier rather than use their real name.

The team quickly found a variety of networks, from public networks provided by Logic, Fairmont, and the Royal Bermuda Yacht Club, through to corporate systems that could be detected blocks away from their home building, even from a car moving at 15 miles per hour.

“Wireless signals are unpredictable,” said Mr. Cooke. “They can leak onto the street or even into other nearby offices. They travel far across open spaces such as the Harbour, and can even be picked up from distant hilltops. Any company that takes security seriously should keep wireless networks outside a firewall and only allow encrypted and authenticated traffic to pass into their trusted interior network,” he continued.

“Similarly, home users should read the manuals when installing their wireless access points. Simple steps, like selecting the checkbox for WEP encryption, will vastly improve the security of their system”.

Stephen Davidson of QuoVadis noted the study showed Bermudians are rapidly adopting wireless technologies, according to the survey. “Several positive factors are driving the growth of wireless in Bermuda. The widespread availability of higher speed Internet access is encouraging Bermudians to use the Web more, and wireless networks allow both businesses and homeowners to get their computers online without costly wiring projects for their buildings.”

“When we conducted the first war drive in 2002, we primarily found wireless in the heart of Hamilton. Today, the technology is so inexpensive and simple that you can pick up signals in virtually every neighbourhood in Bermuda” he added.

Because the survey was intended to passively register the number of wireless signals leaking onto the street, the survey laptop was disabled from actually logging onto any networks.

The survey did not capture any network traffic, and all underlying data was destroyed immediately after the survey. The survey complied with the laws of Bermuda.