Many Retailers Open to Wireless Attacks

Penetration tests show that half of wireless networks at major mall stores could be easily hacked

Tim Wilson, Editor in Chief, Dark Reading, Contributor

November 15, 2007

2 Min Read

This holiday season, the greatest danger to retailers isn't the guy in the trench coat shoplifting small items. It's the guy out in the parking lot with a wireless antenna.

That's the conclusion of a new report published today by AirDefense Inc., a wireless security vendor. "Today's retailer faces a greater threat from data breaches than from simple theft," says Amit Sinha, CTO of the company.

During the study, AirDefense staffers used wireless antennas to test the wireless "perimeters" of some 3,000 stores in major malls across the globe. The company discovered some 2,500 laptops, hand-helds, and barcode scanners and approximately 5,000 access points -- and about 85 percent of them would have been relatively easy to hack, Sinha says.

"Twenty-five percent of them were completely open -- they weren't secured at all," Sinha reports. "Another 25 percent were protected only by [Wired Equivalent Protection]," a security technology that has been widely proven to be vulnerable.

Twelve percent of the wireless LANs tested were configured with the name of the store as the Service Set Identifier (SSID), "which is like giving the thief a map to your store," Sinha says. Many other wireless devices were still configured with out-of-the-box default passwords, most of which can be found in widely-published lists on the Web.

"What this says to me is that despite all the discussion of [Payment Card Industry Data Security Standard] and huge breaches such as TJX [Companies], many retailers still don't see the threat," Sinha remarks. "There's still a lot of education that needs to be done."

Loosely secured retail store networks are a danger for several reasons, Sinha observes. First, the local network and bar code readers can be exploited to steal credit card and transaction information from in-store customers. Second, many local store WLANs are linked with corporate networks or partners' systems, which make them an excellent point of entry for attackers.

Court records indicate that it was this exact type of attack on a retail store that initially compromised the systems and data at TJX. (See Canadian Government Sheds Light On TJX Breach.)

Retailers need to rethink their security strategies, most of which are focused on physical theft, Sinha advises. "They spend a great deal of time and money on guards and surveillance cameras, but they aren't thinking about the wireless threat," he says.

AirDefense offers penetration testing services and tools that help retailers centrally monitor WLAN security across all of their outlets, identifying rogue devices and blocking their access. The AirDefense system can also help triangulate the location of an attacker to support law enforcement or criminal forensics, Sinha says.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author(s)

Tim Wilson, Editor in Chief, Dark Reading


Tim Wilson is Editor in Chief and co-founder of Dark, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one of the top cyber security journalists in the US in voting among his peers, conducted by the SANS Institute. In 2011 he was named one of the 50 Most Powerful Voices in Security by SYS-CON Media.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights