R E L A T E D   C O N T E N T
Similar articles
KnowledgeBANK
News centre
More from vnunet.com
ADVERTISEMENT

Home wireless networks wide open

Half of all home wireless systems open to attack

Iain Thomson, vnunet.com 20 Feb 2007
ADVERTISEMENT

Research by the Indiana University School of Informatics (IUSI) has uncovered a security threat that could affect half of all home servers.

The attack uses a JavaScript application to change the domain name system settings on an unsecured router, or one that uses the default password.

This could allow a hacker to redirect the user to a phishing site whenever they try and log-on to their online banking sites, for instance.

Professor Markus Jakobsson of the IUSI, explained that the attack highlights the importance of the human factor in security.

"While drive-by pharming arises due to inadequate protective measures, there is also another human component: if an attacker can trick you into visiting his page, he can probe your machine," he said.

"Deceit is not new to humankind, but it is fairly recently that security researchers started taking it seriously."

The IUSI estimates that around 50 per cent of home routers are vulnerable to the attack because of poor password protection.

It recommends the use of a multi-layer password that includes upper and lower case letters, numbers and symbols to make cracking difficult.

"This new research exposes a problem affecting millions of broadband users worldwide," said Oliver Friedrichs, director of Symantec Security Response.

"Because of the ease with which drive-by pharming attacks can be launched, it is vital that consumers adequately protect their broadband routers and wireless access points today."

The attack is even more worrying since it requires no physical access to the router. A hacker could simply drive through a neighbourhood and launch the attack remotely.

See also:

Privileged passwords are more common in enterprises than previously thought
Privileged passwords create hacking threat
Non-personal passwords offer easy way in to enterprise networks  05 Oct 2006
Paris Hilton was among customers who had their calling card accounts cancelled after it was discovered that a number of celebrity voicemail accounts had been broken into
Paris Hilton calling card account cancelled
Not thought to be related to a number of celebrity voicemail hacks, including Lindsay Lohan's  01 Sep 2006
Abertay University will launch the UK's first 'ethical hacking' course in September
UK university offers first hacking degree
Abertay to launch BSc (Hons) in Ethical Hacking & Countermeasures  21 Jun 2006
Almost half of all UK wireless networks are open to attack, according to research from anti-virus company Kaspersky
Wireless networks still wide open to attack
Report finds 49 per cent of wireless networks in London operating without encryption  25 May 2006

All Hacking

Like this story? Spread the news by clicking below:

Post this to Delicious del.icio.us    Post this to Digg Digg this    Post this to reddit reddit!

Permalink for this story
R E A D E R   C O M M E N T S
Post your comment Post your comment   What is this?

M A R K E T P L A C E
Sponsored links
F E A T U R E D   J O B S
IT Development Manager/Project Manager
Guildford, Surrey, United Kingdom | Enstar
 IT Development Manager/IT Development Project manager - Guildford - £40k - £60k plus benefits   Enstar (EU) Limited (formerly Castlewood (EU) Limited) is seeking an IT Development Project Manager and an IT Development Manager to ... more >
IT Business Analyst
Leek Wootton, United Kingdom | Warwickshire Police
 IT Business Analyst - Leek Wootton, Warwickshire - £29,112 - £31,491 PA - 37 hrs per week   Everyone who works for Warwickshire Police helps to protect our communities from harm. Work with us and ... more >
IP Network Administrator
Reading, Berkshire, United Kingdom | EDS
Position # 397874 IP Network Administrator Location - Reading Job Description: There is a requirement for an IP network administrator to join the Infrastructure Services operational support team to manage the movement of network resources, ... more >
SQL Database Administrator
Aylesbury, Buckinghamshire, United Kingdom | Grass Roots
SQL Database Administrator - Aylesbury - £DOE Grass Roots are one of the Sunday Times Top 100 companies to work for (2007 and 2008). Established in 1980, we're part of the Grass Roots Group, which is ... more >
More job opportunities
Useful links: About us . Privacy policy . Terms & conditions . Site map . Bookmark this site . Feedback . Contacts
Consumer Technology websites:
Active Home Product reviews, competitions, news
Computeractive Software reviews, hardware reviews, buyers' guides, workshops, downloads
Gizmodo the daily gadget blog: technology news and reviews
PC Magazine your personal guide to technology
PCW software product reviews, hardware product reviews, buyers' guides, competitions
WebAct!ve what's happening on the web
What PC? helping you purchase the right computer, digital camera, peripherals, gadgets and more
Blogs:
Test Bed The PCW Labs blog, PCW Inter@ctive A reader blog from PCW. Your views, your comments, your say, Windows Watch Keeping an eye on the latest XP % Vista news
Jobs & Recruitment websites:
Accountancy Age Jobs Accountant jobs, jobs in finance, audit jobs, cima jobs, acca jobs, corporate finance jobs, management accounting jobs, finance director jobs, finance recruitment agency directory, Top 50 accountancy firms, accountant salary survey
Computing Careers IT jobs, Programmer jobs, Developer jobs, IT manager jobs, Project manager jobs, SAP jobs, Oracle Jobs, Java Jobs, IT recruitment agency directory, Top IT Employers 2005
Inquirer Jobs Software Engineer Jobs, firmware developer jobs, electronics engineer jobs
Other titles in the Incisive Media network:
Business Technology websites: BusinessGreen . Computing . Computing Business . CRN . The Inquirer . IT Week . vnunet.com
Business & Finance websites: Accountancy Age . Best Practice . Financial Director . Management Consultancy
© Incisive Media Ltd. 2008
Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503