Securing the air: Recognizing risk in an enterprise-wide wireless network

To understand the risk of wireless LANs, one must first understand the security vulnerabilities of all wireless LANs.

Anil Khatod

The benefits of wireless LANs (WLANs) are undeniable, but the risks they introduce are increasing exponentially.

According to InStat MDR, more than 75 million Wi-Fi devices have been deployed worldwide and another four million new WLAN devices are being shipped per month.

Some organizations think their investments in firewalls and VPNs will protect them from the risks of WLANs. However, they do not realize that the WLAN signal bypasses all wired-side security and opens a back door for an intruder. Simply banning WLANs is not an option either, as most laptops are shipped with built-in wireless cards. If companies were to ban wireless networks, they would need to ban the use of laptops, which is an impractical solution.

The fact is that any wireless device connected to a wired network essentially broadcasts an Ethernet connection and an onramp to the entire enterprise network. Unless properly secured and monitored across the global enterprise, these self-deploying and transient wireless devices and networks are dangerous to all organizations. Intruders and hackers will use an unsecured WLAN as a launching pad to break into an organization's corporate backbone and compromise the integrity of financial data, customer information or even trade secrets. No longer should the security of wireless networks be a peripheral thought.

The difficulties of securing the air
To understand the risk of wireless LANs, one must first understand the security vulnerabilities of all wireless LANs. Wireless LANs face all of the security challenges of any wired network. In addition, new risks are introduced by the nature of wireless. First, the medium in which a wireless LAN operates is the air, an uncontrollable space. Additionally, wireless devices self-deploy and have the capability to connect to strangers. Due to the growth of wireless LAN-enabled laptops and the increasingly wireless-friendly Windows XP operating system, laptops in the default setting automatically search for an access point to connect to. Lastly, wireless devices are transient in the way they connect. If a wireless device picks up a strong signal, it may connect with the new access point (AP) even if the AP is the laptop of an intruder in the parking lot.

There are many ways in which WLANs can be compromised.

More than rogue access points
A rogue WLAN has traditionally been thought of as a physical access point unsanctioned by network administrators. Today, rogue WLANs are further defined as laptops, handhelds with wireless cards, barcode scanners, printers, copiers or any wireless LAN device. These devices have little to no security built in, making it easy for intruders to find an entry point. Rogues could be maliciously placed by intruders to hack into a corporation, or they can be innocently deployed by employees for easy wireless access.

Soft access points
While hardware APs have been the focus of security issues to date, wireless-enabled laptops are easily configured to function as access points with commonly available freeware such as HostAP or software from PCTel. Known as "Soft APs," these laptops are harder to detect than rogue access points. The Soft AP is quite dangerous because it appears as a user station to all wire-side network scans.

Accidental associations
Accidental associations are created when a neighboring access point across the street or on adjacent floors of a building bleeds over into another organization's air space triggering its wireless devices to connect. Once those devices connect with the neighboring network, the neighbor has access back into the organization. Accidental associations between a station and a neighboring WLAN are now being recognized as a security concern.

Malicious associations
A malicious association occurs when a company laptop is induced to connect with a malicious device such as a Soft AP or laptop. The scenario also exists when a malicious laptop connects with a sanctioned AP. Once the association has been made, the hacker can use the wireless device as a launch pad to attack servers and other systems on the corporate network.

Ad Hoc networks
Ad hoc wireless networks, or peer-to-peer networking between two computers without connection to an access point, represent another major concern for WLAN security. These ad hoc networks can be self-deploying or intentional. Additionally, ad hoc networks have little security in terms of authentication and encryption. Therefore, it is easy for an intruder to connect to innocent users' computers and copy private documents or sensitive information.
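The categories above can be told apart only by comparing what is seen on the air with an inventory of sanctioned devices. The following is an added example, not code from the article or from AirDefense: a sketch of that triage in Python, where the `Observation` record, the inventory sets, the labels and all MAC addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Constructed inventory (assumed values, not from the article).
SANCTIONED_APS = {"00:11:22:aa:00:01", "00:11:22:aa:00:02"}
MANAGED_STATIONS = {"00:11:22:bb:00:10", "00:11:22:bb:00:11"}

@dataclass(frozen=True)
class Observation:
    """One record from a hypothetical RF sensor feed."""
    kind: str              # "beacon" (device advertises a network) or "assoc"
    src: str               # beacon: advertiser MAC; assoc: station MAC
    bssid: str             # network the frame belongs to
    ibss: bool = False     # beacon advertises an ad hoc (peer-to-peer) network
    on_wire: bool = False  # advertiser MAC also seen on a corporate switch port

def classify(o: Observation) -> str:
    if o.kind == "beacon":
        if o.ibss:
            return "ad_hoc_network"
        if o.bssid in SANCTIONED_APS:
            return "sanctioned_ap"
        if o.src in MANAGED_STATIONS:
            # Wire-side scans list this MAC as a station; only the air shows an AP.
            return "soft_ap"
        return "rogue_ap" if o.on_wire else "neighbor_ap"
    if o.kind == "assoc":
        managed = o.src in MANAGED_STATIONS
        sanctioned = o.bssid in SANCTIONED_APS
        if managed and sanctioned:
            return "ok"
        if managed:
            # Accidental and malicious associations look identical on the air.
            return "unsanctioned_association"
        if sanctioned:
            return "unknown_station_on_sanctioned_ap"
        return "external"
    raise ValueError(f"unknown observation kind: {o.kind!r}")

def triage(observations):  # (label, observation) pairs that need follow-up
    benign = {"ok", "sanctioned_ap", "neighbor_ap", "external"}
    return [(lbl, o) for o in observations if (lbl := classify(o)) not in benign]

SAMPLE = [  # constructed observations
    Observation("beacon", "00:11:22:bb:00:10", "00:11:22:bb:00:10"),
    Observation("beacon", "66:77:88:cc:00:01", "66:77:88:cc:00:01", on_wire=True),
    Observation("beacon", "02:aa:bb:cc:dd:01", "02:aa:bb:cc:dd:01", ibss=True),
    Observation("assoc", "00:11:22:bb:00:11", "66:77:88:dd:00:09"),
    Observation("assoc", "66:77:88:ee:00:05", "00:11:22:aa:00:02"),
]
```

The sensor cannot tell an accidental association from a malicious one, so both receive the same label and are separated during follow-up.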

What is at risk?

WLANs provide an easy open door to the wired network. Through unintentional associations and ad hoc networks, unsecured wireless networks can be sniffed and used as a launch pad to the wired network and an organization's corporate backbone. Once accessed, an unsecured WLAN can compromise:

  • Financial data, leading to financial loss
  • Reputation, damaging the efforts spent building the brand
  • Proprietary information, leaking trade secrets or patents
  • Regulatory information, forgoing customer privacy or ignoring government mandates

All of these could cause legal ramifications.

It is becoming harder to find a laptop without a built-in wireless access card. And for a mere $50, an employee can purchase a WLAN access point and plug it into an Ethernet jack, providing a gateway to a wireless network. As wireless networks become ubiquitous extensions of wired networks, the threat of intruders becomes more pervasive. Organizations need to look beyond local access points and think globally to secure the air across the entire enterprise.

 


About the author:
Anil Khatod, President & CEO
Mr. Khatod is a telecommunications and networking veteran who joined AirDefense in December 2003. Prior to joining AirDefense, Anil was a partner at the venture capital firm Atlas Venture. Anil is widely known for his achievements as a senior executive with Nortel Networks, where in his final position he served as Chief Marketing and Strategy Officer. In this role, Anil was responsible for corporate strategic planning, global marketing, alliances, M&A, acquisitions, integration of acquisitions, government relations and advanced technologies for all Nortel businesses across the globe.

About the company:
AirDefense Inc. is the thought leader and innovator of wireless network security and operational support solutions. Founded in 2001, AirDefense pioneered the concept of 24x7 monitoring of the airwaves and now provides the most advanced solutions for rogue WLAN detection, policy enforcement, intrusion protection and monitoring the health of wireless networks. As a key element of wireless network security, AirDefense complements wireless VPNs, encryption and authentication. Based on a secure appliance and remote sensors, AirDefense solutions scale to support single offices, corporate campuses or hundreds of locations. Blue chip companies and government agencies rely upon AirDefense solutions to secure and manage wireless networks around the globe. For more information, go to www.airdefense.net or call 770.663.8115.

This was first published in July 2004
