September 15, 2005
Security threat to Wi-Fi by "Evil Twin"
Evil Twin is new threat to Wi-FI users. It refers to the use of malicious servers that pose as genuine ones and try to extract sensitive information such as credit card numbers and bank details. The attack can be carried out by a person close to a hot spot.
The malicious server interferes with the signals sent to the wireless users. The users are tricked into logging in to the fake server. Evil Twin has special significance for countries like the UK and US as they have a very high concentration of Wi-Fi hotspots. The UK has more than 9,000 hotspots whereas the US has more than 22,000.
The growth of Wi-Fi has been helped by the Centrino chip, which now comes with additional security features and a built-in support for Cisco-compatible extensions. T-Mobile has a network of more than 4,500 hotspots across the US and it is implementing authentication based on 802.1x in order to prevent security breaches.
The implementing of a strong security network assumes special significance because of the variety in which the breaches can occur. Attackers can launch man-in-the-middle attacks and can capture data without even requiring a cellular card. These attacks are more likely to occur at public hotspots as corporate VPNs are generally more secure; however, a company employee can expose himself to risk if he tries to access a corporate network via a public hotspot.
Corporates are faced with the problem of rogue access points that can spring up anywhere in the company premises. The problem lies in the fact that any network to which a Windows user has connected to in the past gets reconnected by default. A patient attacker has only to wait long enough for a user who has previously networked with him. As with any technology that gains currency, the first step in the defense process is to educate the user.
--
Did you enjoy this post?
« Aspects of VoIP security | Main | VoiP considerations for homeowners »
