Wardriving in London 2007
by Alexander Gostev - Senior Virus Analyst, Kaspersky Lab, VirusList - Friday, 1 June 2007.
Cisco was able to maintain its foothold at Canary Wharf, despite the amount of equipment from this manufacturer having almost halved in number. CyberTAN was squeezed out of second place by Airespace, a manufacturer that was not featured in our previous reports.

In London as a whole, as we noted above, we identified 26 manufacturers. Equipment from the top five manufacturers was used in 15% of all networks, just as in the Canary Wharf district.

The volume of unidentified equipment (Fake, Unknown, or User Defined) grew from 15% in 2006 to 76%.

The main difference between the London as a whole and the Canary Wharf district is the top five manufacturers.

Cisco was squeezed out of first place by CyberTAN, and Aruba and 2Wire have lost ground to Linksys and Airespace. Only Netgear's share has not changed.

Traffic encryption

The most important and interesting factor when it comes to wireless networks is the correlation between secure and unsecured hotspots. Since we first started wardriving in 2005 in Beijing and Tianjin, each city we investigated set new records in this area.

Beijingís figures showed less than 60%, which was down to 55% at CeBIT 2006. London in 2006 was recorded at 50%, and Paris seemed to have achieved the unachievable with only 29% of networks not using encryption. Warsaw did fairly well this spring - better than London - with 42%.

We were happy with the results we found during our visit to the British capital this year. First let's take a look at the numbers for Canary Wharf.

Canary Wharf demonstrated excellent figures with just 35% of networks running without traffic encryption in this enclave of numerous skyscrapers, including Great Britain's tallest building, the 238-meter Canada House. This district is also home to a number of international banks (HSBC and Citibank to name a few), insurance companies, news agencies, etc. These are the very organizations that could be targeted by hackers and fall victim to the theft of commercial information.

Only a year ago 40% of all networks in this district were unencrypted. On the one hand, this clearly shows an increase in the number of secure networks. Canary Wharf has even managed to outdo La Defense, which registered at 37% in November last year. On the other hand, the improvement was just 5%. Just as before, over one-third of all hotspots could become the targets of hacker attacks. Furthermore, this increase took place while the total number of hotspots more than doubled. In the end, the new networks arenít that much different from the older ones, and clearly not all potential threats - which have been recognized for years now - are taken into consideration when these networks are set up.

Even worse is that once again, London's overall traffic encryption proved to be better than that of the business district. This was also noted in Paris (29% for the city as a whole, 37% for La Defense). Last year, Canary Wharf had better numbers than London as a whole, but has slipped this year with 31% of networks being encrypted as opposed to 35% of networks in the rest of the city.

Consequently, the figure for London overall has improved by almost 20%. The British capital only needs to work a little more on its networks in order to surpass Paris, but the numbers are now so close that we can say these two cities are on an equal footing. Londonís business district, however, needs to make some improvements in order to achieve the level of wireless security enjoyed at La Defense.

Types of networks

Wireless networks may be created around ESS/AP hotspots, or as Peer/AdHoc (computer-to-computer) connection.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Tue, Feb 9th