60% of WiFi networks lack protection according to a PandaLabs survey

The wardriving surveys (detecting wireless networks while driving around a specific route) carried out internationally have thrown up concerning results: almost 60% of networks have no protection at all

WiFi networks are a potential channel for targeted attacks, as they allow intrusions on systems with no need for intermediaries

Panda Software has published the ìSecurity in Wireless Networksî, report by PandaLabs, highlighting the security deficiencies in WEP, the most widely used protocol in Wi-Fi environments, as well as underlining the relative reliability of other current systems, such as WPA or WPA-PSK. In fact, almost 60 percent of networks, according to the survey, had no security system at all.

The study includes an introduction to wireless networks and a series of basic concepts, before describing the main security protocols, such as WEP and WPA and their main weaknesses. Similarly, the document looks at security in captive portals, used to regulate connections in open networks, such as airports, hotels or other public places. The study can be downloaded from: www.pandasoftware.com/wifi

ìThis survey aims to highlight security levels in wireless networks from a didactic perspective, examining security methods and how their design limitations, or even incorrect configuration, can make them vulnerableî, explains Luis Corrons, director of PandaLabs. ìThis will enable users to avoid the dangers that lie in wait when deploying a WiFi network if the correct measures are not taken.î

The conclusions of the study are clear: security of WiFi networks is, in general, insufficient. While the most widely used protocol for the security of the network, WEP, has many vulnerabilities, the most effective protocols, such as WPA or WPA-PSK, are hardly used at all. PandaLabs was able to verify this circumstance through a series of wardriving surveys carried out internationally in countries such as, Sweden, Slovenia, Canada or Argentina, in which almost 60% of networks lacked protection. Wardriving involves detecting wireless networks on a specific route using a WiFi equipped laptop, and software for detecting the networks.

Wireless networks represent an infection channel for ësilentí malicious code as well as targeted attacks, as they are an entry point to corporate networks. Not only do they allow hackers to infiltrate, but also malicious code of all types: including those designed to target a specific and types of spyware created specifically for a certain size or type of company, etc.

ìAlthough it is true that wireless networks have not been exploited extensively for malicious ends, it would seem clear that users are not sufficiently aware of the threat that they could represent to security î explains Corrons. ìThis is more sensitive in the case of companies: if corporate networks with WiFi are not correctly protected, the scope of the potential attack is more concerning, as security could be compromised across the company, with the WiFi network representing an entry point for both malware and targeted attacks through any of the techniques explained in his latest report.î

The document ends with a series of basic recommendations for protecting WiFi networks, based on the findings of the study, and an analysis of the outlook for the future.

The document can be downloaded from: