Our World of Warbiking tour cycled through London, UK, where we surveyed the Wi-Fi networks people use everyday as they move about the city, connecting on their laptops and mobile devices. What we found is an enormous lack of security.
The warbiking project involves traveling around the globe, riding the streets of major cities with my computer-equipped mountain bike, and looking for wireless connections along the way to sneak a peek at the companies and regular people who are using them. (Don’t worry, it’s all perfectly legal.)
What we found is somewhat alarming, if not downright scandalous. People in London, much like their counterparts in San Francisco, are all too happy to connect to unsecured wireless networks, without using encryption. It’s an invitation for a cybercriminal to do harm, even though many people don’t even know it.
Most Wi-Fi networks we surveyed in London used outdated or no encryption
By now we all should appreciate that encryption is a must-have if you want to keep your personal data safe.
Out of 81,743 networks surveyed on our tour of London, some 29.5% were using either the known-broken Wired Equivalent Privacy (WEP) algorithm, or no security encryption at all. A further 52% of networks were using Wi-Fi Protected Access (WPA) — a no longer recommended security algorithm.
Only a paltry 17% of Wi-Fi networks we scanned were using the recommended WPA2 encryption.
Would you trust a network called DO NOT CONNECT?
When we set up an open wireless network in a busy part of London, lots of people connected to our network, even when we called it DO NOT CONNECT. Most connected to the Internet without using encryption, even when visiting really important websites like their webmail, social networks, and banking websites.
What many of these normally tech-savvy people don’t appreciate is that whenever you connect to a network, the owner of that network could insert code on your computer or redirect you to a malicious website.
If you use a VPN your information is encrypted as it crosses the web, so it’s safe from any attacker. Sadly, only 2% of people connecting to our hotspot used a VPN.
10 wireless security tips
Even though many people get security wrong, that doesn’t mean it has to be difficult. There are lots of easy ways to improve your security. I urge you to read these 10 tips to learn more: sophos.com/tips.
Check out the short video below to see the highlights of my London ride, learn how warbiking works, and find out more about what we uncovered.
How do cities around the world compare to London and San Francisco? Find out when the World of Warbiking comes to a city near you.
World of Warbiking: London from Sophos on Vimeo.
Sophos at Infosecurity Europe 2014: Credit card crime, Android malware, and a look inside SophosLabs | Sophos Blog
[…] Infosec 2014 Join us for a warbiking ride to find out how much information people are giving away about themselves, just by using their […]
Sophos news in review: Cloud-managed security gets simplified, warbiking London, and Naked Security wins | Sophos Blog
[…] we made some headlines with our warbiking tour of London. We talked to crowds at Infosecurity Europe. And our Naked Security blog won Best Overall Security […]
How cyber safe is Las Vegas? Sophos ‘warbiker’ reveals wireless insecurity | Sophos Blog
[…] up the signals of Wi-Fi networks and the devices connecting to them. Vegas is a place, much like San Francisco and London, where people have a worrisome lack of […]
Sophos news in review: Channel surfing, bad BYOD habits, and Siri’s security bug | Sophos Blog
[…] those Wi-Fi hotspots? As our James Lyne has repeatedly shown on his World of Warbiking tour, an open Wi-Fi network is an invitation for a criminal to do […]
Apple’s iOS 8 will help keep out Wi-Fi marketers and snoops, but not totally | Naked Security
[…] Sophos's James Lyne recently went on a "warbiking" tour to see how careful the general public is when connecting to Wi-Fi networks. First stops – San Francisco and London. […]
Sophos news in review: Sysmas prizes, Gameover do-over, and warbiking down under | Sophos Blog
[…] James has warbiked in San Francisco, Las Vegas, London, and elsewhere. How will other cities around the world […]
Sophos on ABC World News: Free Wi-Fi networks have security risks (Video) | Sophos Blog
[…] does New York City’s wireless security compare to other cities around the world like London and San Francisco? Find out more from our World of […]
Sophos Warbiking exposes Wi-Fi hotspot dangers in San Diego | Sophos Blog
[…] hotspots around the city. And much like other cities we’ve visited such as New York and London, people may be unaware of the worrisome lack of security on many of these […]
Sophos on the TODAY Show: That free open Wi-Fi could cost you your identity | Sophos Blog
[…] like his previous research experiments in cities like London and San Francisco, James set up an open Wi-Fi hotspot in New York City to see how many people […]
Net Universe ǀ Connecting Solutions – Sophos on the TODAY Show: That free open Wi-Fi could cost you your identity
[…] like his previous research experiments in cities like London and San Francisco, James set up an open Wi-Fi hotspot in New York City to see how many people would […]
Sophos on the TODAY Show: That free open Wi-Fi could cost you your identity — The Cloud Key
[…] like his previous research experiments in cities like London and San Francisco, James set up an open Wi-Fi hotspot in New York City to see how many people would […]
ste williams – How secure is your Wi-Fi? 3 things small businesses need to know
[…] experiments in London, New York City, San Francisco and several other big cities, Sophos “warbikers” James […]
Unsecure Wi-Fi – are you guilty of this “Deadly IT Sin”? | Sophos Blog
[…] Sophos Global Head of Security Research James Lyne discovered in his “warbiking” research experiments, around one-third of the Wi-Fi networks he scanned had no encryption or […]