E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Professional Accountants, home page.		 LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by:
Bennett Gold LLP, Chartered Professional Accountants


SPECIAL NOTE TO ALL VISITORS:
Effective December 31 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering notable e-commerce news articles from the period 1999 to 2012.


INSECURE WIRELESS NETWORKS EXPOSED

Source: Toronto Star

Posted on September 10, 2002

      A local consulting firm launched a controversial Web site yesterday that shows gaping security holes in hundreds of wireless networks throughout the downtown Toronto core, including many in the financial district and some government and university areas.

      The consulting firm, irreverently called IpEverywhere, says about 75 per cent of the more than 1,000 downtown wireless networks it has detected so far have no evidence of security and leave organizations wide open to information theft, data destruction, networking spamming and other cyber attacks.

      The company plotted its findings on a map found at http://www.nakedwireless.ca, which went live on the Internet yesterday afternoon. The map marks vulnerable networks with red pins, while black triangles indicate networks protected with WEP -- "wireless equivalent privacy" -- encryption.

      "We never anticipated finding so many (open networks)," said J.P. Tanguay, chief executive officer of IpEverywhere. "The initial map only took one day to do. The first night we picked up more than 500 access points in under an hour."

      He plans to release similar maps for Oakville, Mississauga, Markham, Scarborough and other areas in and around the GTA, with a longer-term goal of mapping cities across the country.

      "It's a neat tactic," said Lawrence Surtees, telecommunications analyst with IDC Canada Ltd. "Anything groups or experts can do to promote awareness is a great idea."

      Despite media reports about the lack of security in wireless networks based on the 802.11b standard -- dubbed "Wi-Fi" -- Tanguay said companies using these networks continue to ignore the risks and falsely believe the products they use are secure by default, when the opposite is often true.

      Wireless networks are typically connected to internal corporate networks. Unprotected wireless networks can provide a back door to an organization's larger network, offering intruders free Internet access and a way to impersonate employees, tamper with sensitive company data or send in destructive computer viruses.

      Tanguay said the Web site was launched to draw more attention to the issue, which he considers a "growing national crisis."

      "If the site is controversial, that's great," Pat Mason, chief operating officer of IpEverywhere, said. "We want to have more discussion about this problem. Knowledge and awareness is good. The enemy in this issue is complacency and ignorance."

      The company, which provides network-security consulting services for large businesses, acknowledges its actions may be perceived as a way to drum up business for itself. But Tanguay said companies visiting the site have no obligation to use IpEverywhere's services.

      Other experts in the community confirmed the company's findings. "I'd say their findings are not surprising," said Keith D'Sousa, senior manager of information security services at KPMG LLP in Toronto. "From our own experience, we've had a 50-per-cent hit rate."

      A study done by RSA Security Inc. found that 67 per cent of all Wi-Fi networks detected in London, England, were unencrypted and open to attack.

      Last year, reporters from The Star went "war driving" with KPMG and found 43 Wi-Fi networks in less than 15 minutes -- 80 per cent of which were not secure. War driving is when a person drives around city streets and attempts to intercept unprotected wireless networks, using mainly a laptop, some free software and a cheap antenna.

      When using a plane, the practice is called "war flying." Meanwhile, "war chalking" is when hackers mark buildings or sidewalks with chalk to signal vulnerable networks to other hackers. "For some reason, companies have woken up to security on their computers and the Internet, but they've fallen asleep on wireless," said Surtees.



CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.

ALERT
ARCHIVES
Final Entries
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999


LINK TO: Bennett Gold, Chartered Professional Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Against
Privacy Breaches.

Get WebTrust
Working For
Your Site.