[ISN] City firms risk drive-by hacks

From: InfoSec News (isnat_private)
Date: Fri Nov 16 2001 - 00:57:14 PST

    By Andy McCue 
    City and financial institutions are at risk from 'drive-by' hackers
    because they have not secured their wireless networks.
    A group of security experts have revealed how easy it is to access
    data from outside a company building. Consultants from Orthus picked
    up signals from 124 company wireless local area networks (Lans) in and
    around the City.
    The signals from wireless Lans in an office have a range up to 200
    meters, but Orthus found two-thirds were unencrypted and easily
    accessible by anyone with inexpensive equipment.
    The consultants needed only a laptop, a 129 wireless network card and
    free software downloaded from the net.
    Eight areas of the capital, including the City, home to the UK's
    largest financial institutions, were tested in the study, sponsored by
    security specialist RSA.
    Although security was tighter in the City, some 48 companies out of
    the 124, including some well-known institutions, were still exposed,
    with more than half using unencrypted signals.
    Anyone with malicious intent could have grabbed user IDs, passwords,
    and even wire fund transfers, said Richard Hollis, managing director
    at Orthus.
    "This is easy pickings for a hacker, and once breached, a wireless Lan
    can be used as a base to launch other attacks with complete
    anonymity," he said.
    Data sent by users authorised to use a wireless Lan carries an
    identifier (SSID) that is unique to that network. These SSIDs can be
    used to gain unauthorised access to the network and can reveal the
    name of a company, making it easier for a hacker to target attacks.
    But the technique, also known as 'wardriving', can be easily defended,
    said ethical hacker Chris McNab, now a consultant at security company
    "Security should be as strong as it is for wired networks and dial-up
    access connections," he said.

    This archive was generated by hypermail 2b30 : Fri Nov 16 2001 - 07:07:57 PST