Fewer than half of UK businesses have secured their wireless networks, despite wireless becoming a focal point for attacks from ‘drive by’ hackers.
The Department of Trade and Industry (DTI) biennial Information Security Breaches Survey 2004, which interviewed 1,000 chief security officers at companies of all sizes across the UK, found that just one-fifth use wired equivalent privacy (WEP) or other encryption tools to safeguard their wireless networks.
More than half had no security controls in place at all.
The number of companies using wireless networks has risen dramatically in recent years, from just 2% in 2002 to more than one-third today. Large companies were earlier adopters than smaller companies, according to the survey.
At the same time, hacking (by any means) has apparently quadrupled during the last two years. Almost one in 10 businesses with wireless networks reported hacking attempts, but alarmingly, just 23% of companies are aware when their wireless network is being scanned or attacked. The number of attacks could therefore be much higher.
Another worrying trend is the lack of security measures in place to safeguard data stored on handheld computers. Although 35% of businesses now use handhelds, 58% have no security processes in place at all to cover them. Most of the controls that have been deployed by companies concern the use of handheld computers rather than technological protection.
The DTI blamed the slow deployment of security measures on lack of awareness surrounding the risks, security incidents and the protection available.
Wide open wireless? (April 2002)
Wireless networking may offer attractive benefits to organisations — but it also offers attractive opportunities to hackers.