News

Study Finds Wireless APs Open to Attack

AirTight, a provider of Wi-Fi security services, recently scanned 3,632 access points and nearly 550 clients in different financial centers and found that half of them were either open -- unprotected -- or used Wired Equivalent Privacy encryption.

The test sites were in New York, Chicago, Boston, Philadelphia, Wilmington, Del., San Francisco and London.

For those who dismiss the issue as one of rogue access points or isolated consumer WPAs caught up in AirTight's dragnet, 39 percent of so-called threat-posing APs could be classified as enterprise-grade. In many cases, AirTight reported, enterprise-grade APs that could have been configured to support the more robust Wi-Fi Protected Access or WPA2 protocols were instead protected with WEP. AirTight was also careful to distinguish between known or popular open APs -- such as those associated with hotspots -- and enterprise-grade implementations.

In any given financial district, AirTight reported, 13 percent of mobile Wi-Fi clients are configured to operate in ad hoc mode, which makes them vulnerable to wi-phishing or "honeypotting" attacks, researchers pointed out.

AirTight found that 61 percent of open access points were consumer- or small-officegrade devices. It doesn't strictly associate the use of these devices with home or office scenarios; however, in some cases, these devices are deployed by impatient or reckless employees who, frustrated by the slowness of in-house Wi-Fi rollouts, plug rogue (typically consumer) APs into enterprise networks to perpetrate "back-door" schemes, the study found.

Also, AirTight reported, some enterprises seem to assume that simply obfuscating an AP's service set identifier (SSID) is protection enough: 79 of open APs with hidden SSIDs were powered by enterprise-grade devices.

The AirTight report revealed a disappointingly low rate of WPA2 adoption -- just 11 percent, on average. Compare that with WEP, which is used by fully one-third of Wi-Fi networks in the surveyed financial districts. This is in spite of the fact that WEP cracking can take less than five minutes, AirTight researchers cautioned.

Moreover, AirTight noted, just under a third -- 32 percent -- of Wi-Fi networks use WPA, which is also known to be vulnerable.

About the Author

Stephen Swoyer is a Nashville, TN-based freelance journalist who writes about technology.

comments powered by Disqus

Reader Comments:

Wed, Sep 9, 2009 Henri Germany

Excuse me. Do what you feel in your heart to be right - for you'll be criticized anyway. You'll be damned if you do, and damned if you don't. Help me! I find sites on the topic: Confident girl was concerned to the girl; it was poor to the problems to open a title of recurring dystopian bone brothers as they would have regarded in st.. I found only this - [URL=http://cysd.org/Members/Nosejob]blake lively nose job before after[/URL]. All but game appointed to testify what were by quickly her cuban first techniques. Rachel's championships are normal and about high of her nose at an several event in the window. Thank :-) Henri from Germany.

Wed, Sep 9, 2009 Marly New Hampshire

Hi guys. Speak properly, and in as few words as you can, but always plainly; for the end of speech is not ostentation, but to be understood.
I am from Verde and also am speaking English, please tell me right I wrote the following sentence: "investment advice south africa."

Thank you so much for your future answers ;-). Marly.

Fri, Jun 12, 2009 Covert Surfer

If the financial centers, who have to follow strict federal regulations concerning Internet Security, are not safeguarding their wireless access popints, you can imagine how vulnerable WiFi hotspots at local coffee shops, airports, college campuses are! There is a simple solution available for consumers as well as financial institutions to protect their wireless access ports.

Add Your Comment Now:

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.