Wireless users warned of Evil Twin hotspots

Posted on 20 Jan 2005 at 16:43

UK security experts are warning wireless users to be on the lookout for 'evil twins' when connecting to the Internet in public spaces such as train stations or cafes.

Using hotspots is a risky business, say wireless internet and cyber crime experts at Cranfield University, as most of us ask no more than that the hotspot connection is successfully made. The problem is, as your laptop scans for available networks, it may find one nearer and with a stronger signal than the one you intended to connect to and use that instead: an evil twin.

What's wrong with that? The problem is that you don't know who owns that doppelganger base station. And in the wrong hands, there's nothing to stop the owner intercepting the traffic flowing through the base station, logging personal data such as log on details and financial credentials.

'In essence, users think they've logged onto a wireless hotspot connection when in fact they've been tricked to connect to the attacker's unauthorised base station,' said Dr Phil Nobles, wireless internet and cyber-crime expert at Cranfield University. 'The latter jams the connection to a legitimate base station by sending a stronger signal within close proximity to the wireless client - thereby turning itself into an "Evil Twin".'

'Cyber criminals don't have to be that clever to carry out such an attack,' adds Dr Nobles. 'Because wireless networks are based on radio signals they can be easily detected by unauthorised users tuning into the same frequency.'

Part of the problem is that base stations are usually configured for convenience rather than security, leaving the job of turning on security measures such as encryption to the user.

DProfessor Brian Collins, Head of Information Systems Department, Cranfield University says that users of wireless devices should at least turn on what ever security controls are available.

Dr Nobles is speaking about the issue at the wireless crime event at the Science Museum's Dana Centre today.

Lisa Jamieson, Head of Programmes, Dana Centre said: 'Half of all business wireless networks in this country have inadequate security controls in place, making their information vulnerable to attack. Through this event, the audience will be more aware of the potential risks and can find out how to ensure that they don't become another cyber victim statistic.'

More information is available at the Dana Centre website.

Author: Matt Whipp