Nearly half of home wi-fi networks can be hacked in less than five seconds, according to a new study.
In an ‘ethical hacking’ experiment conducted across six UK cities, nearly 40,000 networks were revealed as high-risk, opening up the personal data of thousands of individuals (1).
The study, commissioned by life assistance company CPP, lifts the lid on wi-fi insecurity across Britain ahead of National Identity Fraud Prevention Week.
An ethical hacker roamed Britain’s cities using specially developed, freely available software identifying insecure networks.
According to the findings, nearly a quarter of private wireless networks has no password whatsoever attached, making them immediately accessible to criminals. This is despite majority (82 per cent) of Brits mistakenly thinking their network is secure.
And even password-protected networks are not secure. A typical password can be breached by hackers in a matter of seconds.
Hacking into a private network not only allows unscrupulous individuals to ‘cloak’ criminal activities such as purchasing illegal pornography or selling on stolen goods. It also allows them to view the private transactions made by individuals over the network, accessing passwords and usernames which can then be used to impersonate the victim and commit identity fraud and other illegal activity. Worryingly, only one in 20 people knows for certain that their network has been used without their permission, indicating that the vast majority remain ignorant of the risk.
The study also reveals the dangers of accessing the internet over publicly available networks. While nearly one in five wireless users (16 per cent) say they regularly use public networks, hackers were able to ‘harvest’ usernames and passwords from unsuspecting people at a rate of more than 350 an hour, sitting in town-centre coffee shops and restaurants. In addition, the experiment showed that more than 200 people unsuspectingly logged onto a fake wi-fi network over the course of an hour, putting themselves at risk from fraudsters who could harvest their personal and financial information.
Identity fraud man at CPP, Michael Lynch, said: "This report is a real eye-opener in highlighting how many of us have a cavalier attitude to wi-fi use, despite the very real dangers posed by unauthorised use. We urge all wi-fi users to remember that any information they volunteer through public networks can easily be visible to hackers. It’s vital they remain vigilant, ensure their networks are secure and regularly monitor their credit reports and bank statements for unsolicited activity."
Ethical hacker and Senior Vice President of CRYPTOCard Jason Hart, who carried out the experiments said: "When people think of hackers they tend to think of highly organised criminal gangs using sophisticated techniques to crack networks. However, as this experiment demonstrates, all a hacker requires is a laptop computer and widely available software to target their victims.
"With the growth in the number of smartphones and wireless networks, it has become far easier for hackers to crack usernames and passwords, allowing them access to emails, social networks, and online banking sites and even to assume the online identity of their victim. It’s vital that both businesses and individuals think very carefully about network security and what information they provide when going online."
(1)Ethical hacker Jason Hart travelled within the main arterial routes of each city within a four-mile radius, using basic ‘WarDriving’ equipment. The aim was to identify networks that emanated wireless signals excessively into a public place. All information received beyond the type of network and level of security was deleted. In addition, Jason Hart did not connect to any of these networks or crack any associated passwords.
Meanwhile an estimated five million wallets (1) have been lost in the past five years and a further four million (2) stolen costing Brits £765 million in lost cash (3).
The new research commissioned by CPP, who offer among other things mobile phone, and identity protection insurance, suggests that in addition to the average £85 cash, Brits carry over £7,000 in credit in their wallets every day.
Further to the research CPP did a nationwide live social experiment (4) questioning Britons’ honesty and found that only two in ten of ‘accidentally dropped’ wallets were returned to their rightful owners and only half of those (55 per cent) contained the original sum of money.
However, three fifths of Brits claim they would either hand in, or try to track down, an owner of a lost wallet.
Not only do the vast majority of Brits (77 per cent) never see their lost or stolen wallets again, the average person will spend over 110 hours – or four and a half days – replacing their personal mementos and credit and debit cards.
The consequences of a lost wallet are serious. Beyond losing cash, precious personal mementos and the time taken in replacing lost items, careless Brits are exposing themselves to greater risks. Of those who lost their wallet or purse or had it stolen, one in five claim to have fallen victim to card fraud, while an unlucky one in twenty had their identities stolen. Worryingly, only two in five considered the danger of card fraud or identity theft when they lost their wallet or purse.
Of the cities investigated in the live experiment, Birmingham fared the worse – one in four wallets were returned and all were completely empty. Next came Glasgow, Cardiff and Leeds. Surprisingly London fared better with all those wallets which were returned still containing the original sum of money.
The research reveals that Brits are far likelier to have their wallet or purse returned if it’s lost in a museum as around half (47 per cent) ‘dropped’ in a museum were handed in. Those ‘lost’ in shopping centres also stand a better chance with a third being returned. Consumers dining out or on buses and trains should be careful – none of the wallets placed in cafés or on public transport were returned.
Card fraud expert from CPP, Sarah Blaney, said: "Losing your wallet or having it stolen is a highly stressful experience and causes great inconvenience and worry. With the vast majority of people carrying their credit and debit cards, as well as vital personal information in their wallets, millions of people are putting themselves at risk of fraud. Card fraud remains a problem in the UK, and identity theft is on the rise, so we urge all consumers to take extra care of their belongings to make sure they’re not hit with any unauthorised spending on their cards."
To protect consumers and offer peace of mind, CPP provides Card Protection – a resolution system which insures cardholders and up to four people in their household against the consequences of card fraud. The service includes a 24 hour fraud resolution service, which notifies card providers, order replacement cards, advances cash to replace lost money and tickets and replaces missing keys.
Notes ?(1) The UK adult population according to ONS is 49,051,000. 10% of people claim they have lost their wallet in the last five years. 10% of 49,051,000 = 4,905,100
(2) 8% of people claim they have had their wallet stolen in the past five years. 8% of 49,051,000 = 3,924,080
(3) 9 million wallets have been lost or stolen in the past five years. The average lost or stolen wallet contains £85. £85 x 9,000,000 = £765,000,000
(4) Wallet Dropping Experiment completed by PCP Research
Methodology notes?
The procedure for this research involved wallets and purses being dropped at various locations in five UK cities. 20 wallets/purses were dropped per city, meaning a total of 100 were dropped in total. The ‘drops’ took place at six different types of location; shopping centre, street, public transport, car park, museum and café.
