Story image

Warbiking tour reveals the Aussie city with stellar WiFi security

07 Feb 2018

Perth might just have some of the best WiFi security in the country – so far – but security experts from Sophos say they hope to see the trend continue across Australia’s other major cities.

Security experts Chet Wisniewski and John Shier have conducted a two-day ‘warbiking’ exercise across the city.

They rode their computer-equipped bicycles with a mission: to expose unsecure wireless networks and dangerous user behaviours that hackers could exploit.

The bikes were equipped with passive scanning technology consisting of Raspberry Pis, external WiFi antennae, GPS antennae, a solar panel and some external batteries.

They found that out of the 7238 access points the pair surveyed, 94% of operators were operating WPA or WPA2 security protocols.

68% were using WPA2 security protocols, less than 2% were using WPA, less than 1% were using WEP and only 6% were using no security protocols at all.

They found that about 300 laptops, cars (including Ford and Audi), printers, PlayStations, ChromeCasts, Sonos, GoPros and other devices with ad-hoc networking enabled.

Organisations are also segmenting their WiFi networks for specific purposes such as corporate, guests and IoT.

There were also more than 125 manufacturers of APs across the city, which the Sophos experts say demonstrates diversity and inherent security against the same attack.

“Over the course of a couple of hours, we found over 70,000 data points each in Perth – that tells you the ubiquity of wireless in our major cities today,” Shier says.

“Individuals want to be connected at all times, but it is critical to understand the risks that come with connecting to unsecure networks, not to mention what can be hacked by outsiders.” 

Wisniewski adds that Perth seems to have some of the best security in any city Sophos has surveyed.

 “In Perth, 6 per cent of APs were left unencrypted, this is down from between 14 per cent and 28 per cent in other cities we’ve measured in the past, suggesting that we have largely eliminated networks that are open by mistake. Whilst WiFi encryption is only one part of online safety, it’s good to see the city taking it seriously – a trend we hope to see across our other major cities including Sydney, Melbourne, and Canberra,” he says.

We recently conducted an interview with Sophos A/NZ general manager Ashley Wearne to find out how it uses deep learning neural networks to boost security via artificial intelligence and machine learning. Read it here.

Cryptomining apps discovered on Microsoft’s app store
It is believed that the eight apps were likely developed by the same person or group.
WhatsApp users warned to change voicemail PINs
Attackers are allegedly gaining access to users’ WhatsApp accounts by using the default voicemail PIN to access voice authentication codes.
Swiss Post asks public to hack its e-voting system
Switzerland’s postal service Swiss Post is inviting keen-eyed security experts and white hats to hack its e-voting system.
Spoofs, forgeries, and impersonations plague inboxes
It pays to double check any email that lands in your inbox, because phishing attacks are so advanced that they can now literally originate from a genuine sender’s account – but those emails are far from genuine.
Flashpoint signs on emt Distribution as APAC partner
"Key use cases that we see greatly benefiting the region are bolstering cybersecurity, combating insider threats, confronting fraud, and addressing supply chain risk, to name a few."
The attack surface: 2019's biggest security threat
As businesses expand, so does their attack surface – and that may be the biggest cybersecurity risk of them all, according to Aon’s 2019 Cyber Security Risk Report.
Opinion: Cybersecurity as a service answer to urgent change
Alan Calder believes a CSaaS model can enable a company to build a cyber resilience strategy in a coherent and consistent manner.
Why SD-WAN is key for expanding businesses - SonicWall
One cost every organisation cannot compromise on is reliable and quick internet connection.