Out-Law News 1 min. read

Most WiFi networks are insecure, says Panda


Almost 60% of WiFi networks have no security protection according to a report from security firm Panda Software that highlights the deficiencies found in the main security protocols used by wireless networks.

Advert: Infosecurity Europe, 25-27 April 2006, Olympia, LondonWiFi is a local area high-speed wireless technology that gives broadband access to users within a particular range, or hotspot. But such networks are vulnerable, as they permit intrusions on systems with no need for intermediaries.

Not only do they allow hackers to infiltrate, but they can also be used to input malicious code of all types into a network.

The Spanish security firm carried out 'wardriving' surveys to check the accessibility of WiFi networks. Wardrivers drive around with normal laptop computers, running freely available software, which can detect accessible wireless, or WiFi, networks. By simply clicking a mouse they can access the detected network.

The surveys found that almost 60% of networks have no protection at all.

The report, Security in Wireless Networks, also reveals that where protections are in place, they are largely inadequate. It says that while the most widely used protocol for the security of the network, WEP (Wired Equivalent Privacy), has many vulnerabilities, the most effective protocols, such as WPA (WiFi Protected Access) or WPA-PSK (WiFi Protected Access – pre-shared key), are hardly used at all.

“Although it is true that wireless networks have not been exploited extensively for malicious ends, it would seem clear that users are not sufficiently aware of the threat that they could represent to security ” said Luis Corrons, director of PandaLabs.

“This is more sensitive in the case of companies: if corporate networks with WiFi are not correctly protected, the scope of the potential attack is more concerning, as security could be compromised across the company,” he added.

We are processing your request. \n Thank you for your patience. An error occurred. This could be due to inactivity on the page - please try again.