The explosion of wireless networks at the heart of some of the world’s largest commercial cities is exposing businesses to “drive-by hacking” and other security risks.
Research released today and commissioned by RSA Security revealed that more than one third of businesses with wireless networks are open to abuse from hackers and criminals in the street or a neighboring building.
“For a potential hacker it is almost a case of walking down the street and trying all the doors until one opens — it is almost inevitable that one will,” said John Worrall, vice-president of Worldwide Marketing at RSA. “Our research shows that wireless networks in Europe’s financial capitals alone are growing at an annual rate of up to 66% and more than one third of businesses remain unprotected from this type of attack.”
Researchers undertook studies in the business centers of New York City, San Francisco, London and Frankfurt. In all cities, more than one third of wireless business networks were found to be unsecured — 38% of businesses in New York, 35% in San Francisco, 36% in London and 34% in Frankfurt.
The survey also revealed that many businesses have failed to take basic security precautions such as reconfiguring their default network settings.
This means wireless network access points could still be broadcasting valuable information that could be used by potential hackers and assist them in launching an attack.
In London 26% of access points still had default settings; 30% in Frankfurt; 31% in New York and 28% in San Francisco.
In addition to the business security issues, researchers also found an explosion in public access wireless hotspots: 12% of all wireless network access points in London fell into this category, compared with 24% in Frankfurt, 21% in New York and 12% in San Francisco.
“These figures are another stark warning to unsecured businesses to get their act together,” said Phil Cracknell, CTO at netSurity and the author of the research.
“The rapid rise of wireless public access hotspots runs in parallel to the increased risk to businesses that operate wireless networks with little or no security.”
With a laptop computer and free software available from the Internet, researchers were able to pick up information from company wireless networks simply by driving around the cities’ streets.
In the wrong hands, this type of easy access to a corporate network could be used to get hold of confidential information, disrupt business — or the network could be used to launch an Internet attack on another organization.