Around the world, hackers are “war driving” through office districts, gathering unprotected data from wireless networks.
Corporations and governments are spilling their secrets into the streets, and managers do not realize how vulnerable their networks are. Even more frightening, they may not even know that a base station is attached to their network, transmitting confidential information to anyone with
a laptop, a wireless card and some simple software.
Jim Geier, a computer consultant who helped to develop Wireless Local Area Networks (WLANs) standards, is busy these days conducting two-day workshops on wireless network
security. The 801.11 standard was finalized in 1997, he said, but it took some time for prices to drop and speeds to increase. “When that happened, corporations saw that the performance at least matched with their typical Ethernet capability and that is when it started taking off,” Geier said.
According to Dr. Ian Goldberg of Montreal-based Zero Knowledge Systems Inc., part of the problem is the user-friendliness of the technology. “In companies – and I don’t know about the public sector – but in companies, it is not unheard of for employees to just bring equipment to work and plug it in,” Goldberg said.
Even when IT managers know they have deployed 802.11 networks, they may forget that they are wireless. “A lot of the time, it just slips their minds that the radio waves don’t stop at your building wall and they can be accessed from a good distance away,” said Goldberg.
“A $40 antenna can capture signals from several miles away. I think the record has been 26 miles.”
The data that travels over 802.11 is protected, but Jim Geier says U.S. government policy banning the export of high technology has made it easy for hackers to break in.
“The 802.11 network has security, so you can use encryption keys to encrypt the data that is being sent between the user and the access point where it is connected to the network,” Geier said. “But the encryption keys were kept fairly weak, mainly to make it easier to export products based on that standard, so the encryption mechanism itself is inherently weak.”
The encryption keys themselves are “static” sets of numbers, meaning they stay the same until someone or something changes them.
“The administrators are reluctant to change these keys very often because it’s difficult and they have to go out to each end user and have them change numbers to match,” Geier said.
These days, hackers are eager to pursue any vulnerability, so companies have developed “sniffing” software that looks at data packets being sent from 802.11 devices.
“After collecting roughly 1,000 packets, it can take that and determine what the keys are and tell you what it is,” Geier said. “That can be done on an active network in just a few hours. These tools are available off the Internet for free. So basically the 802.11 security today is useless for all practical purposes.”
Firms that make 802.11 products have incorporated enhanced security features into their high-end wireless LAN parts, but these measures are proprietary, meaning buyers who want to expand a network are locked into technology from that company. This is unacceptable for IT administrators who are bound by policy or preference to use only open systems.
Getting around the security limitations of today’s 802.11 networks means accepting a drop in performance, adding more equipment or both. Ian Goldberg said managers should insist on the same security measures that apply to other devices reaching the network from the outside.
“The wireless network is exactly as insecure as the public Internet,” Goldberg said. “Whatever firewalls you have between your internal network and the Internet, you should have the same thing connected to the wireless network. Just plug your wireless network in where the Internet comes in, before the firewall.”
Users love WLANs because they eliminate the bother of physically attaching laptop and handheld computers to their organization’s networks.
In the last few years, administrators have purchased thousands of 802.11 networks because they are affordable, easy to install and quickly reconfigured, little realizing how thinly they are shielded from prying eyes.
New standards will bring higher levels of security to 802.11 networks within a year or two, but in the meantime, many organizations with wireless networks need to find out whether they have added a new business line – public broadcasting. n
Richard Bray is an Ottawa-based writer with an extensive background in public policy journalism. A former producer and reporter with CBC News, he is a specialist in high-tech issues.