Proliferating Wi-Fi networks in businesses and public hotspots is needlessly exposing users to security risks because proper precautions aren't taken, a security vendor said.
A report sponsored by security vendor RSA Security found more than one-third of businesses with wireless networks were susceptible to intrusion from unwanted sources.
The netSurity report studied wireless networks in several US and European cities.
"For a potential hacker, it is almost a case of walking down the street and trying all the doors until one opens -- it is almost inevitable that one will," said John Worrall, vice president of the RSA's worldwide marketing, in a statement.
"Our research shows that wireless networks in Europe's financial capitals alone are growing at an annual rate of up to 66 percent, and more than one-third of businesses remain unprotected from this type of attack."
netSurity researchers roamed New York, San Francisco, London, and Frankfurt with laptops and free software downloaded from the internet.
The researchers claimed 38 percent of networks in New York, 35 percent in San Francisco, 36 percent in London and 34 percent in Frankfurt were unprotected.
"This means," the report stated, "that wireless network access points could still be broadcasting valuable information that could be used by potential hackers and assist them in launching an attack."
RSA spokesman Matt Buckley said the annual survey found that 802.11g was the dominant Wi-Fi standard.
"It's jumped ahead," he said. "It's about two-thirds of the [Wi-Fi] market now. We thought 802.11.a would move forward, but it hasn't."
Buckley said security issues differed for business users and for public hotspot users. Business networks were meant to serve only authorised users, while public networks were open to anyone.
He said many businesses failed to reconfigure Wi-Fi default settings. "You should change the default settings to something unique," he said.
Business networks should force users to authenticate themselves before they can gain access. Business VPNs, for example, often required authentication, Buckley said.
Also, many sites didn't encrypt their traffic. But the encryption problem could be partially solved by introducing recently-approved 802.11i hardware automatically encrypted traffic, he said.
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
