‘Evil Twin’ Haunts Wi-Fi Users

An IT security expert, an academic and the U.K. government’s cybercrime unit will give Londoners an introduction to the security dangers of wireless networking on Thursday—with the star of the show being an attack method dubbed the “Evil Twin.”

The Evil Twin is essentially a wireless version of a phishing scam—users think they’re connecting to a genuine hot spot but are actually connecting to a malicious server, which can then extract information such as bank details. The attack can be carried out by anyone with the right equipment in the vicinity of a legitimate base station, according to Dr. Phil Nobles, wireless Internet and cybercrime expert at the U.K.’s Cranfield University.

“The [malicious base station] jams the connection to a legitimate base station by sending a stronger signal within close proximity to the wireless client, thereby turning itself into an ‘Evil Twin,'” Nobles said in a statement. Users are invited to connect via a fake log-in prompt, he said. Nobles will be demonstrating this and other attack methods at the Science Museum in London.

The free event—which also includes presentations from the U.K.’s National High Tech Crime Unit and an IT security specialist—is designed to give the public some idea of the potential dangers they face when using public Wi-Fi hot spots. The U.K. has one of the highest concentrations of Wi-Fi hot spots in the world, with over 1,000 commercial hot spots in London alone. Overall, the U.K. has more than 9,300 hot spots, second only to the United States, with more than 22,000, according to online Wi-Fi guide Jiwire.com.

Professor Brian Collins, head of Cranfield’s Information Systems Department, said the dangers will only increase as hot spots become more common. However, like other wireless security experts, he said users can mitigate most problems simply by turning security measures on. Most wireless laptops ship with security deactivated.

The popularity of Intel Corp.’s Centrino chip for wireless laptops has played a big part in popularizing Wi-Fi, according to industry observers. Intel this week introduced a new Centrino with additional wireless security features, including built-in support for Cisco-compatible extensions for WPA (Wi-Fi Protected Access).

Several security standards coming through the pipeline, such as WPA2, are designed to make enterprises more comfortable with using wireless networks. T-Mobile is introducing strong, 802.1x-based authentication and encryption across its network of 4,700 U.S. hot spots for the same reason.

Check out eWEEK.com’s for the latest news, reviews and analysis on mobile and wireless computing.