Saturday, November 30, 2013

Hack Prompts European Parliament to Shut Down Public Wifi

Hack prompts European Parliament to shut down public Wi-Fi

November 28th 2013 8:13 PM

The European Parliament has shut down its public wireless network following the detection of a man-in-the-middle attack that could snoop on communications from smartphones and tablets.

The organisation posted a note online detailing how the parliament had been subjected to the attack. It said some individual’s inboxes had been compromised and all affected users have already been contacted and asked to change their passwords.

“As a precaution, the Parliament has therefore decided to switch off the public Wi-Fi network until further notice, and we invite you to contact the ITEC Service Desk [IT Desk] in order to install an EP software certificate on all the devices that you use to access the EP IT systems (email, etc),” the note read.

Employees were advised to change passwords and use only known secured wireless networks.

"In the medium term, the Parliament will take additional measures to further secure the communication to the Parliament,” it added.

Another post suggests hackers set up an “evil twin” wireless router near the building in Strasbourg and had stolen the usernames and passwords of 14 people at the European Parliament.

IT Pro has contacted the European Parliament to find out when the public wireless network will come back online, but at the time of publication, no response had been received.

Experts said the increasing use of employee’s own personal devices is aggravating the problem.

"As more employees bring their own devices into the workplace, businesses face the challenge of enforcing corporate security policies on consumer devices that are not solely controlled by the IT department," said Jason Hart, vice president of cloud solutions at security firm SafeNet. 

"Most employees now store a wide range of both personal and business information on their mobile devices, so this lack of control exposes businesses to serious security vulnerabilities in the form of data breaches and unauthorised access."


No comments:

Post a Comment