http://www.microscope.co.uk/articles/article.asp?liArticleID=131413 By Bill Goodwin 22 June 2004 Businesses in Europe's leading financial centres are failing to secure their wireless access points despite the risk of "drive-by" hacking. More than 33% of businesses surveyed in London, Milan, Paris and Frankfurt are still making fundamental security mistakes, research by RSA Security revealed. The failure of companies to use basic wireless security standards, such as WEP (Wired Equivalent Privacy), is leaving otherwise well-protected corporate networks with holes that could be exploited by hackers. "Once hackers are connected, they can do what they like," said Tim Pickard, director at RSA. "This instantly negates the effort and investment organisations have made in other areas to secure the corporate infrastructure." The survey found that the number of wireless networks has increased by 770% to more than 1,000 in London during the past three years. Although awareness of wireless security has improved, 33% of wireless access points in London firms still do not use basic WEP encryption. London businesses have also left 25% of wireless networks on their default settings, broadcasting information about companies' IT systems to potential hackers. These lapses leave businesses open to hackers, who are able to locate vulnerable access points by doing "drive-by" attacks armed with low-cost equipment. "In the worst case scenario, hackers could bypass a lot of the traditional security, including firewalls, giving them access to vulnerable parts of the network," said Pickard. The picture is even worse in Frankfurt, where 41% of wireless networks are unencrypted, along with 72% in Milan. _________________________________________ ISN mailing list Sponsored by: OSVDB.org - For 15 cents a day, you could help feed an InfoSec junkie! (Broke? Spend 15 minutes a day on the project!)
This archive was generated by hypermail 2b30 : Tue Jun 22 2004 - 06:59:30 PDT