Two out of three UK firms using wireless technology are still failing to take even minimum precautions to secure their networks.

IT services company Newell & Budge published research today warning that organisations are rushing to reap the benefits of wireless technology without addressing the security risks.

Using basic IT equipment available from high street retailers, and free software from the internet, Newell & Budge simulated the tactics of a relatively unsophisticated drive-by hacker in cities including Manchester, Birmingham, Edinburgh, Glasgow and Dublin.

In some areas as many as four out of five wireless networks were unencrypted, with the average across the survey being three out of five.

Only one per cent had disabled the Service Set Identifier (SSID) broadcasts, while nearly three quarters were broadcasting an SSID that identified some details about the organisation. One in five were using the default settings.

When an organisation adds recognisable text for their SSID, and allows the SSID to be broadcast, hackers can use this information to facilitate an attack.

Conrad Simpson, managing director of Newell & Budge, said: “The results tell us that security is still not being taken seriously, despite the well-documented issues.

“Companies need to fully understand the security implications of using wireless technology, and vendors must do more to emphasise the potential risks.

“At a time when information security is at the top of the agenda for many organisations, and security officers are under pressure to show a return on the investments made in IT security, it is worrying that many are opening up a route that bypasses existing measures.”

---

Filed under: Security - @ February 6, 2005 9:44 pm