| Beware the ‘evil twin’
‘Evil twin’ hotspots are the latest security threat, according to wireless Internet and cyber crime experts at Cranfield University, academic partner of the Defence Academy of the UK. “So-called ‘evil twin’ hotspots present a hidden danger for web users,” explained Dr Phil Nobles, wireless internet and cyber-crime expert at the university. “In essence, users think they’ve logged on to a wireless hotspot connection when, in fact, they’ve been tricked to connect to the attacker’s unauthorised base station. The latter jams the connection to a legitimate base station by sending a stronger signal within close proximity to the wireless client – thereby turning itself into an ‘evil twin’. ” Once the user is connected to the evil twin, the cyber criminal can intercept data being transmitted. “Cyber criminals don’t have to be that clever to carry out such an attack,” added Dr Nobles. “Because wireless networks are based on radio signals, they can be easily detected by unauthorised users tuning into the same frequency.” Unwitting web users are invited to log in to the attacker’s server with bogus login prompts and can pass sensitive data. This type of cyber crime goes largely undetected because users are unaware that this is taking place until well after the incident has occurred. Attacks can also take the form of degrading the performance of the client network or a complete denial of service. The attacker can get the victim’s network to collude in the attack so that the degradation in network performance is less likely to be detected. Professor Collins continued: “Users can also protect themselves by ensuring that their wi-fi device has its security measures activated. In the vast majority of cases, base stations taken out of the box direct from the manufacturer are configured in the least secure mode possible.” Cranfield University acknowledges that this is a new area of cyber crime where more research is required.
•Date:
21st January 2005 • Region: UK/World •Type:
Article •Topic:
ISM |
