We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

London Wi-Fi networks open to attack

City businesses fail to thwart hackers

After years of stark warnings, many Wi-Fi networks located in London's City financial district still lack basic levels of security, a security vendor claims to have found.

According to security testing company NTA Monitor, which recently assessed security using passive monitoring, internal resources such as printer queues could be found quite easily, while other networks used only weak WEP security to keep network traffic from prying eyes. Astonishingly, others used no encryption at all.

"If a stranger walks into an office and connects to your network, it's quite likely that they'd be challenged by someone working there. But by sitting in a café with a laptop they're pretty inconspicuous and probably out of sight of the office whose network they're connecting to," said NTA's technical director Roy Hills.

"For a malicious user wishing to connect to a corporate network, the City seems to be an ideal location," he said.

A further problem the company noticed was that access points could be named in ways that might make users susceptible to hacking. For instance, where more than one Wi-Fi node was in use by one enterprise, names could often be very similar, as well as generic. Using distinctive names, and keeping access points separate in the minds of users would make it harder for hackers to impersonate access points using similar-sounding 'evil twins’.

The company gave no details of which size of companies were found to have problems, nor any percentages on specific security problems.

The issue is timely. At last week's Infosecurity Europe Show, the issue of 'evil twin' access points reared its head once again. According to ISS, these are still one of the commonest ways to mine credit card and other password data from the general public, despite having been a high-profile problem for several years.

For more information on network monitoring, our sister site Techworld has a comprehensive network monitoring resource page.

IDG UK Sites

Best January sales 2015 UK tech deals LIVE: Best New Year bargains and savings on phones, tablets,...

IDG UK Sites

Chromebooks: ready for the prime time (but not for everybody)

IDG UK Sites

Best Photoshop Tutorials 2014: 10 inspiring step-by-step guides to creating amazing art,...

IDG UK Sites

Mac tips tricks & hacks: 10 things you didn't know your Mac could do