The European Parliament disabled its public WiFi network following the detection of a suspected hack.
Linked to the exposure of weak security practices at the institution by EurActiv, the
Register reported that the private network is thought to be secure but administrators are advising users to avoid the public network following a possible man-in-the-middle attack that has allowed a (white-hat) hacker to capture a number of email passwords. Users have been advised to change their passwords as appropriate, and make sure they install digital certificates in their smartphones and computers that permit them to connect to the secure network.
Techies at the parliament also advised users to switch off the public WiFi network until further notice, and to contact the ITEC Service Desk in order to install an EP software certificate on all the devices that they use to access local IT systems.
Jason Hart, VP cloud solutions at SafeNet, said: “These reports highlight the increasing risks facing businesses as a result of Bring Your Own Device. As more employees bring their own devices into the workplace, businesses face the challenge of enforcing corporate security policies on consumer devices that are not solely controlled by the IT department. Most employees now store a wide range of both personal and business information on their mobile devices, so this lack of control exposes businesses to serious security vulnerabilities in the form of data breaches and unauthorised access.
“In order to address compliance mandates and security best practice, organisations can’t continue to rely on basic username and password when it comes to authenticating users. Single-factor authentication solutions do not offer comprehensive protection against more sophisticated threats such as man-in-the-middle attacks in which hackers hijack legitimate user identities.
“So, businesses need to adopt robust multi-factor authentication solutions as part of a holistic security strategy that offers multiple layers of protection. This includes encryption, access controls, encryption key management, network security and strong authentication.”
In a recent survey, 22 per cent of 2,500 respondents say that they access email in public places, while 12 per cent use public hotspots at least once a week.