Motorola Global Survey Shows Retailers Working to Improve Wireless Network Security; Data Still at Risk
Posted on: Wednesday, 28 January 2009, 07:00 CST
Motorola AirDefense's annual retail wireless survey finds 20 percent more retailers are improving their network security
Survey research included a review of wireless data security at more than 4,000 stores in some of the world's busiest shopping cities including
Security vulnerabilities in wireless networks typically are the result of weak encryption, data leakage, mis-configured access points and outdated access point (AP) firmware. One of the more overlooked issues with large retailers is a "cookie-cutter" approach to wireless technology. By using the same technology, configuration, security and/or naming conventions at all retail locations, vulnerabilities repeat themselves across the entire store chain, rendering them susceptible to attacks as well as Payment Card Industry (PCI) non-compliance.
"Retailers nationwide are improving wireless security, as quantified by the significant drop in vulnerable wireless devices that were discovered during this year's monitoring efforts," said
Motorola AirDefense's Wireless Security Survey monitored 7,940 access points - the hardware that connects wireless devices to wired computer networks - and discovered 32 percent were unencrypted, compared to 26 percent in last year's survey. Finding the same result as last year, 25 percent of APs were still using Wired Equivalent Privacy (WEP), the weakest protocol for wireless data encryption, which can be cracked in minutes. PCI Data Security Standard (DSS) version 1.2 prohibits new WEP deployments in the Cardholder Data Environment (CDE) beyond
Other interesting survey findings include:
Retailers in
12 percent of all APs monitored were using WiFi Protected Access (WPA) while another 27 percent were using WPA-PSK (pre shared key), which is only as strong as the shared password used to protect them. In total, only 7 percent of retailers were using WPA2, which is the strongest WiFi security protocol available today.
22 percent, or 1,740, of APs were mis-configured, an increase from 13 percent in the 2007 survey.
Some networks were deployed using default configurations and service set identification (SSID), such as "Retail Wireless," "Cash Register," "POS WiFi," or "store#1234," and "Default". This signals to hackers that nothing has been changed on these devices or the entire wireless network.
WiFi signage has become popular for retailers, advertising they offer wireless. However, advertising an open wireless network may tip hackers in targeting other customers, who may not be using effective data security tools.
32 percent of retail locations were leaking unencrypted traffic, with an additional 34 percent of retail locations leaking encrypted traffic, for a total of 66 percent. Data leakage is easily solved with simple configuration changes or modifications.
"PCI compliance requires the immediate elimination of unauthorized wireless devices from the CDE as well as an upgrade from WEP to WPA within the next 18 months," said
Using Motorola AirDefense technology, Motorola scanned the airwaves at major shopping centers for the presence of wireless networks and evaluated what wireless data security practices were currently in use. This evaluation took place during the third quarter and fourth quarter of 2008. No personal credit card information was obtained as the goal of this survey was to raise awareness among retailers about the importance of deploying best practices in wireless security to better protect the information on retailer networks.
About Motorola
Motorola is known around the world for innovation in communications. The company develops technologies, products and services that make mobile experiences possible. Our portfolio includes communications infrastructure, enterprise mobility solutions, digital set-tops, cable modems, mobile devices and Bluetooth accessories. Motorola is committed to delivering next generation communication solutions to people, businesses and governments. A Fortune 100 company with global presence and impact, Motorola had sales of US
MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. (C) Motorola, Inc. 2009. All rights reserved.
SOURCE Motorola, Inc.
Source: PR Newswire
Related Articles
- Oracle Introduces Oracle(R) Retail Data Model to Enable Insight-Driven Retail Intelligence
- Lockheed Martin Opens Wireless Cyber Security Lab
- Alcatel-Lucent Selects SafeNet's Embedded IPsec VPN Solution for Revolutionary Wireless Laptop Security and Management System
- New Free Wireless Network Security Scan From Pure Networks Assesses Wireless Network Vulnerabilities
- PC Universe Selected As One of Internet Retailer's Hot 100 Best Retail Web Sites
- Annual Forecasts to 2010 for the World's Wireless LAN Security Market
- Florida PC Users Eager for Biometric Fingerprint Security and Convenience, AuthenTec Survey Reveals
- Retail Data Security Survey Shows Need for Greater Emphasis on Securing Consumer Information
- Japan's Kyocera Corp. To Sell Data Communications Device in China
- EMC to Introduce Upgrades to Its High-End Data Storage Devices
 |
 |
User Comments (0)
RSS Feeds