Securing the air for wireless
The benefits of wireless LANs (WLAN) are undeniable but the risks introduced by them are increasing exponentially. According to InStat MDR More than 75 million Wi-Fi devices have been deployed worldwide and another 4 million new WLAN devices are being shipped per month.
Some organisations think their investments in firewalls and VPNs will protect them from the risks of WLANs. However, they do not realise that the WLAN signal bypasses all wired side security and opens a back door for an intruder. Simply banning WLANs is not an option either as most laptops are shipped with built in wireless cards. If companies were to ban wireless networks, they would need to ban the use of laptops, which is an impractical solution.
It's a fact that any wireless device connected to a wired network essentially broadcasts an Ethernet connection and an onramp to the entire enterprise network. Unless properly secured and monitored across the global enterprise, these self-deploying, transient wireless devices and networks are dangerous to all organisations. Intruders and hackers will use an unsecured WLAN as a launch pad to break into to an organisation's corporate backbone and compromise the integrity of financial data, customer information or even trade secrets. No longer should the security of wireless networks be a peripheral thought.
The difficulties of securing the air
To understand the risk of wireless LANs, one must first understand the security vulnerabilities of all wireless LANs. Wireless LANs face all of the security challenges of any wired network. In addition new risks are introduced by the nature of wireless. First the medium in which a wireless LAN operates is the air, an uncontrollable space. Additionally, wireless devices self deploy and have the capability to connect to strangers.
Due to the growth of wireless LAN-enabled laptops and the increasingly wireless-friendly Windows XP Operating System, laptops in the default setting automatically search for an access point in which to connect. Lastly, wireless devices are transient in the way they connect. If a wireless device picks up a strong signal, it may connect with the new access point (AP) even if the AP is the laptop of an intruder in the parking lot.
There are many ways in which WLANs can be compromised:
More than rogue access points: A rogue WLAN has traditionally been thought of as a physical access point unsanctioned by network administrators. Today rogue WLANs are further defined as laptops, handhelds with wireless cards, barcode scanners, printers, copiers or any wireless LAN device. These devices have little to no security built in making it easy for intruders to find an entry point. Rogues could be maliciously placed by intruders to hack into a corporation or they can be innocently deployed by employees for easy wireless access.
Soft access points: While hardware APs have been the focus of security issues to-date, wireless-enabled laptops are easily configured to function as access points with commonly available freeware such as HostAP or software from PCTel. Known as "Soft APs," these laptops are harder to detect than rogue access points. The Soft AP is quite dangerous as it appears as a user station to all wire-side network scans.
Accidental associations: Accidental associations are created when a neighboring access point across the street or on adjacent floors of a building bleeds over into another organisation's air space triggering its wireless devices to connect. Once those devices connect with the neighboring network, the neighbor has access back into the organisation. Accidental associations between a station and a neighboring WLAN are now being recognised as a security concern.
Malicious associations: A malicious association is when a company laptop is induced to connect with a malicious device such as a Soft AP or laptop. The scenario also exists when a malicious laptop connects with a sanctioned AP. Once the association has been made the hacker can use the wireless device as a launch pad to attack servers and other systems on the corporate network.
Ad hoc networks: Ad hoc wireless networks, or peer-to-peer networking between two computers without connection to an access point, represent another major concern for WLAN security. These ad hoc networks can be self-deploying or intentional. Additionally ad hoc networks have little security in terms of authentication and encryption. Therefore it is easy for an intruder to connect to innocent users' computers and copy private documents or sensitive information.
What is at risk?
WLANs provide an easy open door to the wired network. Through unintentional associations and ad hoc networks, unsecured wireless networks can be sniffed acting as a launch pad to the wired network and an organisation's corporate backbone. Once accessed an unsecured WLAN can compromise: Financial data, leading to financial loss Reputation, damaging the efforts spent building the brand Proprietary information, leaking trade secrets or patents Regulatory information, foregoing customer privacy or ignoring government mandates All which could cause legal ramifications
It is becoming harder to find a laptop without a built-in wireless access card. And for a mere $50 an employee can purchase and plug a WLAN access point into an Ethernet jack providing a gateway to a wireless network. As wireless networks become ubiquitous extensions of wired networks, the threat of intruders becomes more pervasive. Organisations need to look beyond local access points and think globally to secure the air across the entire enterprise.
biography
Anil Khatod is president and CEO of AirDefense.
If you would like to become a ZDNet Australia guest columnist, write in to Fran Foo, Editor of Insight, at fran.foo@zdnet.com.au.