Half Of UK Wi-Fi Networks Vulnerable To Hacking

Nearly half of private Wi-Fi networks do not have sufficient security on them to prevent hackers from stealing data, a study has found

Almost half of home Wi-Fi networks in the UK can be hacked in less than five seconds, even if they are password-protected, according to a new study by life assistance company CPP.

The ‘ethical hacking’ experiment was conducted across six UK cities, and used freely available software in order to identify insecure networks. Of those networks tested, around 40,000 were found to be high risk, potentially exposing the personal information of thousands of British Internet users.

“When people think of hackers they tend to think of highly organised criminal gangs using sophisticated techniques to crack networks. However, as this experiment demonstrates, all a hacker requires is a laptop computer and widely available software to target their victims,” said Jason Hart, Ethical hacker and senior vice president of CRYPTOCard, who carried out the experiment.

Private and public networks

According to the findings, nearly a quarter of private wireless networks has no password attached at all, making them immediately accessible to criminals. However, according to CPP, even password-protected networks are not secure, and can be hacked in a matter of seconds.

The study also revealed that publicly available networks can be ‘harvested’ by hackers for usernames and passwords at a rate of more than 350 an hour. While nearly one in five wireless users say they use public networks regularly, the experiment showed that more than 200 people unsuspectingly logged onto a fake Wi-Fi network over the course of an hour.

“With the growth in the number of smartphones and wireless networks, it has become far easier for hackers to crack usernames and passwords, allowing them access to emails, social networks, and online banking sites and even to assume the online identity of their victim,” said Hart. “It’s vital that both businesses and individuals think very carefully about network security and what information they provide when going online.”

Identity fraud expert from CPP, Michael Lynch, also warned about the particular dangers of public networks. “It’s vital they remain vigilant, ensure their networks are secure and regularly monitor their credit reports and bank statements for unsolicited activity,” he said.

CPP advises members of the public to use encryption on their wireless access points and ensure then have Wi-Fi Protected Access 2 – the latest security standard introduced by the Wi-Fi Alliance. They should also install a firewall and use an obscure ID, like “wireless” or “router 1”, that doesn’t give away anything critical. Alternatively, a secure wireless network can be created by implementing a Virtual Private Network (VPN).

PCeU shortages

Earlier this month, the Metropolitan Police commissioner Paul Stephenson wrote in an article for the Sunday Times about the worrying lack of resources at the Metropolitan Police Central e-Crime Unit (PCeU), admitting that it is only able to deal with a tenth of the known criminals that regularly use computers for illegal purposes.

According to the Commissioner, only 15 percent of the 385 officers dedicated to online crime are investigating terrorism, fraud, identity theft and other serious non-personal crimes. The remaining 327 officers are said to be investigating child exploiters and tracking the online exchange of child pornography.

Despite this, UK police were recently responsible for arresting multiple suspects in connection with the Zeus Trojan that was used to steal bank account details, which led to the theft of more than £6 million over a few months. “It has been estimated that for every £1 spent on the Virtual Task Force, it has prevented £21 in harm from potential theft,” said Stephenson.

In a recent poll by security firm Sophos, more than 80 percent said they were against the recent cuts in funding for the PceU, stating that cybercrime is on the rise, and we need more resources to fight it.