Many large retailers in the UK, US, and Europe are
exposing customers to theft of credit card information by using
insecurewireless networkconnections,
according to a survey of 3,000 shops in big cities, including
London.
The survey by wireless security company Air Defense showed that
85% of wireless devices used by retailers, risked theft of customer
and business data.
"Protecting consumer and retailer information is the most
important job for retailers, and a layered wireless security
approach is the only way to prevent proprietary information
disappearing," said Richard Rushing, chief security officer at Air
Defense.
The survey found that the most common security weaknesses
included misconfigured access points that would give criminals
access to data, the use of default network names that gave away the
identity of the retailer, and missing or weak
data encryption.
A quarter of the wireless connections monitored were not
encrypted. A quarter of the protected connections were using the
weakest form of wireless data encryption and less than half were
using the strongest protection.
The survey also found that large retailers often use the same
security technologies at all their sites, which meant all sites had
the same vulnerabilities.