Beware rogue hotspots, users told


Beware rogue hotspots, users told

Cliff Saran

Public wireless hotspots are a major risk to corporate IT security, according to research due out this week from RSA Security.

The research, conducted for the US-based online security group by Capgemini in London, Paris and New York, found that public wireless hotspots, which are popular with business travellers, are insecure and prone to attack. Such hotspots can easily be cloned, the researchers found.

Capgemini has developed a proof-of-concept rogue wireless hotspot, which the company said could easily spoof a genuine hotspot and track everything a user does while accessing the rogue hotspot.

The proof-of-concept, based on a wireless-enabled laptop running software that mimicked the log-in page of a commercial wireless hotspot, was able to run fake SSL secure internet access, used for the logging-in process for online banking and e-commerce transactions.

Any user logging into the rogue hotspot would inadvertently be giving a would-be attacker their bank log-in and password, personal identification number, credit card details, or any private or commercially sensitive information, said Phil Cracknell, director of Capgemini’s security consulting practice.

l BT has named the first six of 12 locations where it will roll out city-wide wireless networks. Working in partnership with local authorities, BT will set up the Wi-Fi networks in Birmingham, Edinburgh, Leeds, Liverpool and Cardiff, and will expand its work with Westminster City Council.

The schemes will include wireless broadband in the home, BT Openzone Wi-Fi hotspots, and high-speed mobile device access.

Read article about The Jericho Forum’s roadmap for mobile security


Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy