A survey carried out by the Security, Privacy and Resiliency team of Akintola Williams Deloitte, has revealed that about 47 percent of 1,500 Wireless Access Points (WAP) in major business areas of Lagos State appear to be vulnerable. This means that they are not encrypted or have very weak encryption.
Out of these, 23percent had no protection, while 24 percent were using obsolete protection.
Wireless Access Points are devices configured on Wireless Local Area Networks (WLAN) which act as central points to connect wireless communication devices and to send and receive Wi-Fi radio signals.
In addition, the survey showed that about 81 percent of the wireless networks were broadcasting default manufacturer Service Set Identifiers (SSIDs) as their wireless network names. Only 14 percent are disclosing the ISP reconfigured SSID, while 6 percent are disclosing the manufacturer preconfigured SSID.
Among other risks, the use of unsecure wireless network exposes users to intelligent unauthorised users, who may sniff data such as bank account details, debit or credit card number, online transaction passwords and email communication, transmitted over the unsecured wireless networks, which can be used for personal benefit.
According to Deloitte, the survey titled “wireless security survey: analysis of wireless network security landscape of Lagos State” was carried out using the wardriving techniques and “information was collected from access points throughout major business locations in the city, such as Ikoyi, Victoria Island, Ikeja and Lagos Island, with a view to understanding the area’s of use of wireless network technology and possible security exposures.
“While we did not check whether default device passwords were in use, it was possible that default manufacturer password may also be left unchanged on some of these networks, making them very vulnerable,” the survey said.
It further observed that Wireless Networks are growing rapidly, especially among home users and the Small and Medium Enterprises (SMEs). “However, the limited awareness about security issues and information about securing them has led to the exploitative misuse of unsecured Wireless Networks,” it disclosed.
Adeniyi Obe, CEO, Akintola Williams Deloitte,said technology is continuously evolving all over the world and especially in Nigeria. “Some years ago, the most prevalent form of network infrastructure was the Wired Local Area Network (LAN). Now many companies and businesses in Nigeria use the wireless networks because of the cost advantage, flexibility and scalability. This means that a lot of sensitive information and even financial transactions are being transferred ‘over the air’ with the use of wireless technology, especially with the Cashless Society initiative.”
He said that wireless networks like any other good thing, come with some pros and cons, “Deloitte understands that there are several ways to protect sensitive information being transmitted on the wireless networks and are interested in measures companies and businesses can put in place to preserve the confidentiality and integrity of the information been transmitted over their wireless networks.”