Penetration tests show that half of wireless networks at major mall stores could be easily hacked
This holiday season, the greatest danger to retailers isn't the guy in the trench coat shoplifting small items. It's the guy out in the parking lot with a wireless antenna.
That's the conclusion of a new report published today by AirDefense Inc., a wireless security vendor. "Today's retailer faces a greater threat from data breaches than from simple theft," says Amit Sinha, CTO of the company.
During the study, AirDefense staffers used wireless antennas to test the wireless "perimeters" of some 3,000 stores in major malls across the globe. The company discovered some 2,500 laptops, hand-helds, and barcode scanners and approximately 5,000 access points -- and about 85 percent of them would have been relatively easy to hack, Sinha says.
"Twenty-five percent of them were completely open -- they weren't secured at all," Sinha reports. "Another 25 percent were protected only by [Wired Equivalent Protection]," a security technology that has been widely proven to be vulnerable.
Twelve percent of the wireless LANs tested were configured with the name of the store as the Service Set Identifier (SSID), "which is like giving the thief a map to your store," Sinha says. Many other wireless devices were still configured with out-of-the-box default passwords, most of which can be found in widely-published lists on the Web.
"What this says to me is that despite all the discussion of [Payment Card Industry Data Security Standard] and huge breaches such as TJX [Companies], many retailers still don't see the threat," Sinha remarks. "There's still a lot of education that needs to be done."
Loosely secured retail store networks are a danger for several reasons, Sinha observes. First, the local network and bar code readers can be exploited to steal credit card and transaction information from in-store customers. Second, many local store WLANs are linked with corporate networks or partners' systems, which make them an excellent point of entry for attackers.
Court records indicate that it was this exact type of attack on a retail store that initially compromised the systems and data at TJX. (See Canadian Government Sheds Light On TJX Breach.)
Retailers need to rethink their security strategies, most of which are focused on physical theft, Sinha advises. "They spend a great deal of time and money on guards and surveillance cameras, but they aren't thinking about the wireless threat," he says.
AirDefense offers penetration testing services and tools that help retailers centrally monitor WLAN security across all of their outlets, identifying rogue devices and blocking their access. The AirDefense system can also help triangulate the location of an attacker to support law enforcement or criminal forensics, Sinha says.