Skip to content

UK’s mobile wireless networks open to attack

Avatar

by

23/11/10 in Cybercrime | Identity Fraud/Theft |

Following an investigation by the BBC’s Technology Correspondent, Rory Cellan-Jones, which reveals that many smartphones are vulnerable to cyber attacks, life assistance company CPP warns consumers to be vigilant against the growing threat of “Wi-jacking”.

A live experiment conducted by CPP recently revealed the dangers of accessing the internet over publicly available networks via smartphones.

An ethical hacker was able to harvest usernames and passwords from unsuspecting smartphone users at a rate of more than 350 an hour, by sitting in town-centre coffee shops and restaurants, using readily-available software.

But despite the risks, many smartphone users remain ignorant to the dangers to which they are exposing themselves, as research reveals that the vast majority aren’t aware their phones will connect to vulnerable public networks automatically.

Further research by CPP on Wi-jacking shows:

•    A typical password can be breached by hackers in less than five seconds
•    Despite this, 82% of people think the networks they use are secure
•    37% believe that if the network they use is password protected, it is secure

Michael Lynch, identity fraud expert from CPP, says: “The BBC’s experiment has revealed the vulnerabilities of smartphone use. Mobile users need to be aware that modern smartphones store lots of personal and sensitive information, so they should ensure their personal data is protected”.

CPP’s top tips on using wireless networks safely:
1.    Use encryption on your wireless access points (WAP) - Make sure you have Wi-Fi Protected Access 2 (WPA2) - the latest security standard introduced by global, non-profit industry association, the Wi-Fi Alliance
2.    By implementing a Virtual Private Network (VPN) you can create a secure wireless network.  This is achieved by encrypting all of the data that passes over the ‘insecure’ network so that it cannot be accessed by an eavesdropper
3.    Install a firewall on any network you use (an electronic barrier that sits on a network server and protects the PCs hidden behind)
4.    All wireless routers should have obscure IDs. Rather than put in any real information that can make it clear who owns the connection or that can reveal your location or business name, use something common like “wireless” or “router 1” that doesn’t give away anything critical
5.    Try to position access points, which transfer data between your devices, away from the outside wall of your building to minimise leakage of radio signals. This limits the chances of interception from outside
6.    If you run a business, don’t allow employees to add access points without your authorisation
7.    Be aware of what information you are accessing online, specifically when using public hotspots. Remember that any information you submit, including usernames and passwords, can be read by others
8.    Make sure you check your bank statements regularly to monitor for suspicious transactions
9.    Remember the Golden Rule: Identity thieves are experts at spotting an opportunity to steal your identity and only need a few personal details
10.    If you want more information on how to protect yourself or to see how CPP’s Wi-jacking experiments worked


For more information on CPP’s wireless networking experiments go to http://www.cpp.co.uk to get a copy of CPP’s ‘UK Wireless Network Hijacking’ white paper published in October 2010.

Be the first to comment

    • By registering your comment here you are agreeing to the CPP Blog code of conduct.

  • *All fields are required

In this section

Latest Articles

Popular Articles