The next time you log on to a public Wi-Fi network, you may be opening yourself up to more than you think, new research from Sophos has found.
Looking to illustrate the precarious state of London’s Wi-Fi networks, the internet security provider sent its Global Head of Security Research James Lyne on a ‘warbiking’ trip around the city, travelling on a special computer-equipped bicycle to see just how secure they are.
Using a 4G LTE modem loaded on his bike, Lyne created his own Internet hotspot, positioning it to be in range of places that offer free wifi. Creating a fake portal page offering free Internet browsing, over the course of two days Lyne was able to snare 2,907 unsuspecting users, many of whom went straight to social media sites or accessed personal email accounts.
"This willingness to connect to any wireless network that professes to offer free wi-fi, without ensuring you have some kind of security measures in place, is like shouting your personal or company information out of the nearest window and being surprised when someone abuses it," Lyne said of his findings, noting that only a tiny minority (2%) of users on his network actually took responsibility for their own security by using a Virtual Private Network (VPN) or forcing secure web standards.
The bike was also able to to track down unsecure wireless networks across the city, and found some alarming results concerning the state of the capital’s Wi-Fi.
Over the two days, Lyne found that 29.5% of networks were using either the known-broken Wireless Equivalent Privacy (WEP) algorithm, or no security encryption at all, leaving users at risk of having their data stolen.
Of the 81,743 networks surveyed, a further 52% of networks were using Wi-Fi Protected Access (WPA) – a security algorithm no longer recommended for public use.
"Even within the security industry there are myths and misunderstanding about what the real risks are with wireless," Lyne said.
"Many argue that the unencrypted, intentionally open networks are ‘OK’ as they use a captive portal to register users. Unfortunately the standard user doesn’t recognize that major brand XYZ wireless is not encrypted and that their information can be picked up by anyone with £30 piece of equipment available on Amazon".
Lyne had already carried out a similar exercise in San Francisco last month, where over 1,500 people connected to the fake hotspot in in a few hours. Once connected, many used the network to access password-protected websites such as online banking.
"Incredibly, conventional wireless network security is still a major concern, despite the security industry assuming such issues had been resolved years ago," Lyne added.
"Many would assume these methods are ‘old hat’ but it is still a very viable attack vector that demonstrates basic security best practice is not being adopted."
