Community

Join the Community

21,630
Expert opinions
43,844
Total members
422
New members (last 30 days)
159
New opinions (last 30 days)
28,577
Total comments
Join Sign in

Waking up to wireless

2 comments
Paul Penrose
Paul Penrose
Head of Research
Finextra
Location
London
Followers
10
Opinions
307
Unfollow
The WSJ has reported that the hackers who made off with the credit and debit card details of 45 million shoppers at TJX, initially breached the firm’s perimeter defences through an insecure wireless network. TJX has yet to confirm the report, but according to the WSJ, opportunistic hackers used a laptop and an antenna to intercept data moving wirelessly between hand-held price checking units and store computers and cash registers at a Marshall’s clothing store in Minnesota. The data they got from this enabled them to crash the central database of parent company TJX.

It seems that the compromised wireless network was ‘protected’ using WEP (Wired Equivalent Privacy) encryption, one of the weakest forms of Wi-Fi security that can be cracked in as little as three seconds.

Given the proliferation of wireless access points to financial institutions, it might be an appropriate moment to dust off those old WiFi security policies and triple-check defences. A break-in on the TJX scale would be enough to finish off any bank.

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

4080

Share

 
 
 
 
 

Channels

/security /retail banking

Comments: (2)

A Finextra member 

A scary item here on The Register about how WEP is hackable in around two minutes. Oh dear.

Elton Cane

Elton Cane Digital product delivery at News Corp Australia

2 minutes or 3 seconds -- either way, it's a short enough time that someone could sit with their laptop within range of your network and compromise the security without raising suspicion. All security-conscious organisations with wireless networks should be using WPA encryption with a RADIUS server.

Paul Penrose
Paul Penrose
Head of Research
Finextra
Member since
06 Oct 2006
Location
London
Followers
10
Following
4
Opinions
307
Unfollow

ANZ and Visa lose the plot

Don't give up the day job...ever

Now we are ten

Finextra's Best of the Web

The ATM was the last great financial innovation

See all Opinions from Paul

More expert opinions

Dmytro Spilka

Dmytro Spilka Director and Founder at Solvid, Coinprompter

5 Ways Fintech is Evolving the Brick-and-Mortar Retail Experience

Kyrylo Reitor

Kyrylo Reitor Chief Marketing Officer at International Fintech Business

How to Get an Electronic Money Institution License in the EU?

Maya Kumar

Maya Kumar EVP at Banked

The Growth of Pay by Bank - The Hard Facts

1

Santosh Radhakrishnan

Santosh Radhakrishnan Chief Commercial Officer at XYB Limited

Coreless Banking: The New Evolution of Core Banking

See all opinions

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Join the Community

21,630
Expert opinions
43,844
Total members
422
New members (last 30 days)
159
New opinions (last 30 days)
28,577
Total comments
Join Sign in

Trending

Nkiru Uwaje

Nkiru Uwaje Chief Operating Officer at Mansa

Explained: The Tokenisation of Financing

Dirk Labuschagne

Dirk Labuschagne Chief Information Security Officer at Direct Transact

Financial Shutdown Risk Mitigation

Alexander Boehm

Alexander Boehm Chief Executive Officer at PayRate42

How MiCA Will Transform Crypto Payment Providers: What You Need to Know

Hugo Chamberlain

Hugo Chamberlain COO at smartKYC

The Perils and Promise of Using Generative AI for KYC Screening

Now Hiring

All companies

Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.

Please read our Privacy Policy.

Accept