You might have an “evil twin” and not know it.
In this case, the twin is trying to steal financial information through a bogus wireless computer network.
Researchers in Britain are warning people who use Wi-Fi, the increasingly popular wireless means of connecting to the Internet, that hackers could install impostor networks, or “evil twins,” close to real ones. The purpose is to collect private information, such as computer passwords and credit-card numbers, from anyone who thinks they’re accessing the authentic network.
The researchers’ findings are nothing new, having appeared in trade publications two years ago. The group of cybercrime experts at Cranfield University in Bedfordshire, Britain, mainly intended to emphasize how much more easily evil twins can be installed, given Wi-Fi’s growing use.
Wi-Fi – short for wireless fidelity – can be found in many hotels, airports, bookstores and coffee houses. It’s estimated that more than 22,000 commercial Wi-Fi networks exist in the United States.
That estimate, however, doesn’t include uncounted thousands of private and home networks. It’s these networks that the British experts believe are at greatest risk, because many of them are not adequately secured against cyberthreats.
Often, Wi-Fi access points are installed using the manufacturer’s default security settings, which afford the lowest level of protection. Further, the transmissions aren’t encrypted, so anyone able to intercept them can read the contents.
Creators of evil-twin networks hijack authentic networks by overriding the low security settings. Other network users then log on, thinking they’re using the established network. Instead, the evil twin’s administrator monitors every computer keystroke they make.
The British experts advise setting Wi-Fi network levels to their highest settings and changing network access passwords every 60 to 90 days for added protection.
—
(c) 2005, St. Louis Post-Dispatch.
Visit the Post-Dispatch on the World Wide Web at http://www.stltoday.com/
Distributed by Knight Ridder/Tribune Information Services.
AP-NY-01-21-05 1523EST
Send questions/comments to the editors.
Success. Please wait for the page to reload. If the page does not reload within 5 seconds, please refresh the page.
Enter your email and password to access comments.
Hi, to comment on stories you must . This profile is in addition to your subscription and website login.
Already have a commenting profile? .
Invalid username/password.
Please check your email to confirm and complete your registration.
Only subscribers are eligible to post comments. Please subscribe or login first for digital access. Here’s why.
Use the form below to reset your password. When you've submitted your account email, we will send an email with a reset code.