Wireless Internet networks in millions of British homes can be hacked in less than five seconds, enabling cyber criminals to spy on families and steal their identities and bank information, according to a new study commissioned by card protection and insurance firm CPP.
In an ethical-hacking experiment conducted across six U.K. cities, nearly 40,000 networks were revealed as high risk. Although a majority of Brits believe their network is secure, the study revealed approximately a quarter of private wireless networks have no password. Even password-protected networks are not secure, as hackers can crack a typical password in just seconds.
Hacking into a private network not only allows cyber criminals to buy illegal pornography, or sell stolen goods without ever being traced, it also allows fraudsters to access credentials and information that can be used to steal identities to commit fraud and other illegal activity.
The study also reveals the dangers of surfing the web over publicly available networks. While nearly one in five wireless users said they regularly use public networks, hackers were able to harvest usernames and passwords from unsuspecting victims at a rate of more than 350 an hour.
In addition, the experiment showed more than 200 individuals unsuspectingly logged onto a fake Wi-Fi network over the course of an hour, putting themselves at risk from fraudsters who could collect their personal and financial information.
“When people think of hackers, they tend to think of highly organized criminal gangs using sophisticated techniques to crack networks,” said CRYPTOCard Senior Vice President Jason Hart, who conducted the experiments. “However, as this experiment demonstrates, all a hacker requires is a laptop computer and widely available software to target their victims.”
Hart added with the increase of smartphones and wireless networks, hackers do not have to work hard to crack usernames and passwords, allowing them access to emails, social networks, and online banking sites and to steal the online identity of their victims.
“It’s vital that both businesses and individuals think very carefully about network security and what information they provide when going online,” he said.