The Telkom Mega 100 and 200 wireless modems have been found to be easy to hack, says Dino Covotsos, CEO of Telspace Systems.
Covotsos demonstrated their vulnerabilities at ITWeb Security Summit 2008, in Midrand, yesterday.
"ADSL in SA comes with wireless as a feature and this leaves them open to exploitation," he said. "Everyone that leaves their modems with a 'default' WPA passkey, which is by default the MAC address, is open to attack."
Covotsos showed delegates how easily the Telkom modems could be hacked, and said: "It is so simple, that getting them assessed isn't even considered."
There are, however, steps that can be taken to secure this wireless security further, said Covotsos. "Telkom does need to urgently address this issue, but there are additional precautions which can keep the user more secure in the meantime."
Covotsos suggested the modem's WPA key be changed immediately, and that it should be between eight and 64 characters in length.
He explained to delegates that when he tried to alter the passkey on specific models, it was denied, but there may have been changes in the meantime. "There may be new firmware available that allows for the key to be changed and more complex security implemented."
Covotsos also asked delegates to keep in mind that he only attempted to hack the 100 and 200 models, and is not sure what others may be vulnerable as well.
He said all attempts to contact Telkom about these vulnerabilities have so far proved unsuccessful.
Covotsos feels that when it comes to awareness levels and security, locally we are not where we should be.
"What is especially worrying is those that are not really PC literate," he said. "They will take for granted that their Telkom modem installation is secure. But Telkom has released this to the public and are putting people at risk."
Related story:
Wireless hacking course takes off
Share