You are here: silicon.com > Software > Security Strategy

Security Strategy

Wireless LANs wide open to 'drive-by' hackers

You can never be too careful...

Printer Friendly Email Story RSS

By Joey Gardiner

Published: 15 November 2001 15:45 GMT

City firms are leaving themselves wide open to hackers by failing to secure their wireless networks.

RSA Security picked up data from over a hundred wireless LANs just by walking around some streets in the City with a simple scanner. Two thirds of these networks used no encryption at all.

Just under half transmitted the name of the company running the network in the data packets.

Tim Pickard, marketing director for RSA, said firms who had spent millions on top of the range IT security and firewalls were leaving the back door wide open: "This is easy pickings for anyone with malicious intent. Not only can hackers get access to corporate data, but they can also get into the network to plant trojans or launch denial of service attacks."

The survey compounds fears that the rapid growth in wireless technology is leading to a new kind of "drive-by hacking". This is when the signal from wireless LANs carries on outside the building, allowing anyone nearby to get access to the data, if they are equipped with the right gear.

For the study, all RSA Security needed was a laptop, a £129 wireless network card, and two pieces of software freely available over the internet.

It picked up 124 different networks within a two mile area around the City of London, 83 (67 per cent) of which were unencrypted, meaning clear text data was available for anyone to intercept.

The widely-publicised weakness in the encryption standard for wireless networks would allow a hacker to break the code in a day, Pickard said.

RSA advises users of such networks to ensure they have the encryption activated and ensure that the wireless LAN connection points are outside the firewall, to avoid the risk of compromising the entire company.

It also recommends firms run additional encryption and authentication on top of the platform, to make hacking impossible.

RSA stresses it did not actually attempt to inspect any of the data it could detect, or try to decrypt any of the networks. It also stresses it did not need to gain entry to any of the organisations to get the info - all data was collected from the street.

Add Comment Add comment  Printer Friendly Print story with   Email Story Email story  
In
Applications

Operating Systems

SOA/Web Services

Malware

Security Strategy


Reader Comments

WLAN hacking is a problem in the US as is in Londo...
Anonymous

Click here to see all

Related Links

Wireless LAN easy meat for hackers

High-Speed Networking: silicon.com Hot Topic now live

Intel gears up for faster wireless networking

Wireless LAN Security: What Hackers Know That You Don’t

3G Wireless Networks, Wi-Fi Wireless LANs, and Secure VPNs: Perspectives for Mobile Operators

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Peter Cochrane Peter Cochrane's Blog: Is convergence a fiction? Or could it finally be happening…

Clive Longbottom Quocirca's Straight Talking: A game of two halves Microsoft Virtualisation scores while its SOA bores...

Prison tech: Mobiles blocked and bodies scanned

NHS data handling: Calls for independent audits

ID cards: 'Political' move, claim airport workers

Viacom vs Google: YouTube privacy fears

Google Talk finds a home on iPhone

ePassport upgrade scaled back


  • Jobs
Security Consultant - Leeds - 60000

This is a technical IT Security role, focusing on Data Encryption, Operational Security and Trust Models, Physical Security methods, Firewalls, ...

Technical Support Engineer Windows XP 2003, Microsoft Outlook, LANs, WANs, DNS,

Technical Support Engineer Windows XP 2003, Microsoft Outlook, LANs, WANs, DNS, - Lambeth - 2198 RM helps to push the boundaries of technology to ...

Database Consultant, Encryption, Oracle, SQL, DB2, Java, DBA, Surrey

Ideally you will have some experience with Cryptography / Cryptographic / Encryption technology, or at least have a strong appreciation of it. My ...

CIO50 2008
The silicon.com CIO50 2008 profiles the most influential and innovative tech chiefs in the UK across all industries and organisation size, from the biggest FTSE100 companies to high growth dot-com start ups and the public sector. The list was voted on by the UK CIO community and a panel of experts. Find out more in our latest special report.

College classrooms go high-tech

Travis Perkins builds its tech future

Thin clients switch on digitally excluded

MSDN Webcast: Demystifying Office Business Applications for the Developer (Level...

Understanding SOA and Business Mashups: Automate. Coordinate. Collaborate. No coding...

Tips and Tricks for Office 2007

MSDN Webcast: Demystifying Office Business Applications for the Business Analyst...

Stories from the web...


Peter Cochrane's Video Blog: Power outrage

Business agility through flexible IT

What are you really saying?


Microsoft readies online apps for business

EU law to end file-sharers time online?

Privacy concerns over Google Street View

Get a Lively life, with Google avatars

Are banks going soft on e-crime?




Quick Sitemap Links: