Survey finds city's Wi-fi networks are at risk of hacking
Most Wi-fi internet networks in Hong Kong are vulnerable to hacking, a 'wardriving' survey has found.
Wardriving is described as driving around in a vehicle with a Wi-fi-enabled laptop, scanning for vulnerable Wi-fi signals.
Surveyors detected 30,457 Wi-fi access points - in homes, businesses and other offices - across the city during four days of assessment, jointly conducted by the Hong Kong Wireless Technology Industry Association (WTIA) and the Professional Information Security Association (PISA).
The annual survey was completed in December last year.
Some 22 per cent of access points were found to be highly vulnerable - without any encryption - while another 47 per cent of access points were configured with the low-security wired equivalent privacy (WEP) encryption.
Networks configured with WEP can easily be hacked within 10 minutes. The hacker can see what's being downloaded to, or uploaded from, a computer connected to the network, and can even use 'cookies' - markers stored in the computer to log into e-mail accounts.
Thirty-one per cent of access points were found to be encrypted with high security.
Ken Fong, vice-chairman of WTIA, said the survey last year had revealed that Hongkongers were using slightly more secure Wi-fi networks than in 2007 and 2006.
In 2007, about 28 per cent of access points were not encrypted, while 52 per cent of access points were WEP-configured. In 2006, 37 per cent of access points were not encrypted, while 50 per cent of access points were WEP-configured.
Alan Ho, vice-chairman of PISA, said: 'From the survey, there is no doubt that people's awareness on wireless local area network security is growing year after year. However, hacking technology has also advanced quickly. Thus, it is important for users to update their encryption methods regularly.'
Mr Fong said strengthening Wi-fi security could be easily done at home without expert assistance. For example, when making a connection, users can simply reject the 'auto connection' setting and use the encryption setting instead, he said.
More advanced routers can enable safer encryption. For instance, people using routers made before 2004 can only render WEP-configured encryption.