Financial Districts WiFi Security Survey

Sign up for a customized personal demo with an AirTight expert.

Fields marked with asterisk (*) are required

  •  

    Your privacy is important for us.

Financial Districts WiFi Security Survey

  • Visited 7 financial districts (6 in US, 1 in UK)
  • Scanned WiFi signal for 5 minutes at randomly selected location
  • 3632 APs scanned
  • 547 Clients scanned
  • Picked up WiFi signals at 30 randomly selected points in:New York, Chicago, Boston, Wilmington,DE, Philadelphia, San Francisco, London
  • A sample WiFi trace tells a lot about network security posture in each location.

Key Findings: Widespread Use of Insecure Practices

Overall Distribution of WiFi security

Overall Distribution of WiFi security

  • 57% of WiFi networks are either OPEN or using weak (WEP) encryption

Classification of OPEN/WEP Access Points based on vendorís category
  • Enterprise grade APs were found configured in WEP mode instead of WPA or WPA2
    • 39% of threat posing APs (OPEN and WEP) are enterprise grade
  • 27% of open APs (non hotspot and non guest) were hiding their SSIDs
  • 61% of threat posing (OPEN and WEP) APs are home/SOHO grade
    • Such devices are operating beyond IT/Security groupís visibility and control
    • Authorized client devices can connect and bypass security controls

Distribution of WiFi Clients
  • 13% of mobile WiFi clients were found operating in ad hoc mode
    • Actively looking to connect to viral networks such as "Free Public WiFi" &  "Free Internet Access"
    • Vulnerable to wi-phishing or honeypotting

Personal data of finance executives leaking over the air
  • Personal data of finance executives leaking over the air

Financial Districts Scanning Report Clips


Financial Districts Riddled with Wireless Vulnerabilities

Financial Districts Riddled with Wireless Vulnerabilities

Search Security, Marcia Savage, 5/19/2009

AirTight Reveals Wi-Fi Security Risks for Airspace

AirTight Reveals Wi-Fi Security Risks for Airspace

Raju Shanbhag, TMCnet, 05/15/2009

Who Put the G in GRC?

Who Put the G in GRC?

IT Knowledge Exchange, David Schneier, 5/14/2009

Study reveals lack of financial wireless computer security

Study reveals lack of financial wireless computer security

Marcia Savage, Features Editor, Information Security magazine, 05/14/2009