'WiPhishing' Said To Threaten Wi-Fi Users - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News

'WiPhishing' Said To Threaten Wi-Fi Users

A network security vendor claims that a new danger, which is related to the 'Evil Twin' gambit, threatens wireless users and enterprise networks.

Network security vendor Cirond said Friday that a new danger, which it calls "WiPhishing" threatens users of laptops equipped with Wi-Fi and the companies that employ those users.

The threat is a variation of the "Evil Twin" gambit that was in the news in the last month, the company said.

"We call WiPhishing the act of covertly setting up a wireless-enabled laptop or access point for the purpose of getting wireless laptops to associate with it," Cirond CEO Nicholas Miller said in a statement. "Hackers who are on a 'WiFishing expedition' may set the name of their rogue wireless access point (or laptop) to an SSID that is commonly used by wireless laptop users."

For example, a WiPhisher could set the SSID of an access point or laptop to be the same as the default settings for widely-sold access points or hotspot services offered by vendors such as T-Mobile and Wayport, Miller said.

"Hackers are also likely to increasingly post common SSID names on their Web sites as this practice gains momentum," Miller said.

Miller said he will outline solutions to this problem -- including solutions offered by Cirond -- at a security conference next week in Victoria, British Columbia. He said he has been working with the researcher, Dr. Phil Nobles, who was vocal about the 'Evil Twin' threat in the last month. That threat jams access to legitimate access points and guides users into logging on to what they think is a legitimate wireless network that, in fact, set up by hackers.

In both cases, the threat is that hackers can intercept keystrokes or gain unauthorized access to enterprise networks, according to Miller.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Slideshows
7 Technologies You Need to Know for Artificial Intelligence
Jessica Davis, Senior Editor, Enterprise Apps,  7/1/2019
Commentary
A Practical Guide to DevOps: It's Not that Scary
Cathleen Gagne, Managing Editor, InformationWeek,  7/5/2019
Commentary
Diversity in IT: The Business and Moral Reasons
James M. Connolly, Editorial Director, InformationWeek and Network Computing,  6/20/2019
Register for InformationWeek Newsletters
Video
Current Issue
Data Science and AI in the Fast Lane
This IT Trend Report will help you gain insight into how quickly and dramatically data science is influencing how enterprises are managed and where they will derive business success. Read the report today!
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll