'Evil twin' could pose Wi-Fi threat
Takeaway: Wi-Fi hot-spot users should be on their guard for fake wireless access points used by hackers to steal data, researchers warn.
Stay on top of the latest tech news with our free IT News Digest newsletter, delivered each weekday. Automatically sign up today!By
Dan Ilett
Special to CNET News.com
Researchers at Cranfield University are warning that "evil twin" hot spots, networks set up by hackers to resemble legitimate Wi-Fi hot spots, present the latest security threat to Web users.
Attackers interfere with a connection to the legitimate network by sending a stronger signal from a base station close to the wireless client, turning the fake access point into a so-called evil twin.
"Evil twin hot-spots present a hidden danger for Web users," said Phil Nobles, an academic researcher who specializes in wireless Internet and cybercrime. "Because wireless networks are based on radio signals, they can be easily detected by unauthorized users tuning into the same frequency."
Once an unknowing user has connected to an evil twin, a hacker can intercept transmitted data. Users are invited to log into the evil twin with bogus log-in prompts and can be lured into passing sensitive data such as user names and passwords.
The Cranfield University researchers believe this is a new area of cybercrime where more research is required. However, in October 2002, security company ISS published details of base-station cloning, otherwise known as evil twin traffic interception, suggesting that the idea is almost two-and-a-half years old.
In the 2002 document describing "BaseStation Clone (Evil Twin) intercept traffic," ISS gives the details of the technique. "An attacker can trick legitimate wireless clients to connect to the attacker's honeypot network by placing an unauthorized base station with a stronger signal within close proximity of the wireless clients that mimic a legitimate base station," ISS said. "This may cause unaware users to attempt to log into the attacker's honeypot servers."
Cranfield University's head of information systems, Brian Collins, said that people can protect themselves by ensuring that their Wi-Fi device has its security measures activated. He said that in the vast majority of cases, base stations taken out of the box direct from the manufacturer are automatically configured in the least secure mode possible.
Dan Ilett of ZDNet UK reported from London.
White Papers, Webcasts, and Downloads
- Business Analytics and Optimization for the Intelligent Enterprise IBM Corp. IBM Global Business Services, through the IBM Institute for Business ... Download Now
- Live Webcast: The Power of Centralization in Distributed Development CollabNet Distributed teams are common in software development today. However ... Download Now
- Qwest Network Services for Healthcare Providers Qwest Communications Demands for improved quality care and increased satisfaction require a ... Download Now
- Dynamic Virtual Client: What's in store for client technology going forward? Intel Dynamic Virtual Client, thin client advantages with rich client user ... Download Now
- Twelve Ways to Reduce Costs with Microsoft(r) SQL Server(r) 2008 Microsoft Many organizations are finding themselves having to deal with difficult ... Download Now
Article Categories
- Security
- Security Solutions, IT Locksmith
- Networking and Communications
- E-mail Administration NetNote, Cisco Routers and Switches
- CIO and IT Management
- Project Management, CIO Issues, Strategies that Scale
- Desktops, Laptops & OS
- Windows 2000 Professional, Microsoft Word, Microsoft Excel, Microsoft Access, Windows XP,
- Data Management
- Oracle, SQL Server
- Servers
- Windows NT, Linux NetNote, Windows Server 2003
- Career Development
- Geek Trivia
- Software/Web Development
- Web Development Zone, Visual Basic, .NET
