Modernizing Authentication — What It Takes to Transform Secure Access
Sophos researchers recently found that, among more than 100,000 individual Wi-Fi hotspots they detected throughout central London, fully 8 percent used no encryption, and 19 percent used obsolete WEP encryption.
"Sophos’ director of technology strategy, James Lyne, spent two days cycling a route with a GPS-enabled device and assessed the security level of wireless networks across more than 91 miles of central London," writes The Next Web's Jamillah Knowles. "The survey looked at nearly 107,000 wireless networks in total."
"Lyne said the widespread use of WEP could be partly down to the large numbers of legacy routers in the Capital," writes IT PRO's Caroline Donnelly. "'I have not seen a device for a good long time that is not, at least, capable of WPA encryption,' he said. 'There is clearly a legacy [hardware issue] that needs to be handled... but, as long as it is still working, people don’t bother changing it.'"
"Way back in 2001, researchers showed how it was simple to crack the key used in WEP," notes TechWeekEurope's Tom Brewster. "Since then, automated tools have been created, such as aircrack-ng, making it easy to crack keys in minutes. Wi-Fi vendors have responded, and the more secure WPA protocol should be in use everywhere."
"A wireless network that isn't properly protected runs the risk of being snooped upon -- meaning your data is open for anyone to see," writes Sophos' Graham Cluley. "So think twice and always use a VPN (virtual private network) or SSL (secure sockets layer) if you have to use an insecure wireless network."