The "evil twin" problem is not new, but is a Wi-Fi phishing menace that has been plaguing wireless networks for several years, according to AirMagnet. Customers, such as hot spot providers and hotels, could first seek protection from spoofed wireless access points (APs) and similar attacks as early as 2002, the wireless network security and performance expert states.
A would-be "evil twin" hacker sets a service identifier (SSID) to mirror an access point at the local hot spot or coffee shop, or even a corporate wireless network. The hacker then disrupts or disables the legitimate AP by disconnecting it, directing a denial of service against it, or creating sufficient radio frequency (RF) interference around the AP, with a metal object or similar obstacle, to prevent communication with nearby laptops or other devices. Users that were connected to the legitimate AP lose their connections and re-connect to the "evil twin", allowing the hacker to intercept all the traffic to that device.
"While many corporate wireless networks have security measures in place to prevent hackers from gaining access to sensitive information, users of hot spots and other public wireless networks are more at risk," said Dean Au, AirMagnet President and CEO. "The growing menace of phishing scams, and the increasing use of Wi-Fi networks for e-commerce transactions make securing these networks absolutely critical. AirMagnet customers already have the tools to locate and defeat 'evil twins' and hundreds of other Wi-Fi issues, including denial of service attacks."