Information Security News mailing list archives

City firms risk drive-by hacks


From: InfoSec News <isn () c4i org>
Date: Fri, 16 Nov 2001 02:57:14 -0600 (CST)

http://www.vnunet.com/News/1126890

By Andy McCue 
15-11-2001

City and financial institutions are at risk from 'drive-by' hackers
because they have not secured their wireless networks.

A group of security experts have revealed how easy it is to access
data from outside a company building. Consultants from Orthus picked
up signals from 124 company wireless local area networks (Lans) in and
around the City.

The signals from wireless Lans in an office have a range of up to 200
meters, but Orthus found two-thirds were unencrypted and easily
accessible by anyone with inexpensive equipment.

The consultants needed only a laptop, a £129 wireless network card and
free software downloaded from the net.

Eight areas of the capital, including the City, home to the UK's
largest financial institutions, were tested in the study, sponsored by
security specialist RSA.

Although security was tighter in the City, some 48 companies out of
the 124, including some well-known institutions, were still exposed,
with more than half using unencrypted signals.

Anyone with malicious intent could have grabbed user IDs, passwords,
and even wire fund transfers, said Richard Hollis, managing director
at Orthus.

"This is easy pickings for a hacker, and once breached, a wireless Lan
can be used as a base to launch other attacks with complete
anonymity," he said.

Data sent by users authorised to use a wireless Lan carries an
identifier (SSID) that is unique to that network. These SSIDs can be
used to gain unauthorised access to the network and can reveal the
name of a company, making it easier for a hacker to target attacks.

But the technique, also known as 'wardriving', can be easily defended
against, said ethical hacker Chris McNab, now a consultant at security
company Matta.

"Security should be as strong as it is for wired networks and dial-up
access connections," he said.




-
ISN is currently hosted by Attrition.org
