Wireless Network Vulnerabilities

Not long ago, nearly all government and private computer networks were limited to hard-wire connections with desktop PCs. Although many employees had laptops, they generally connected to the Internet or to a network via modems and phone lines, which are relative easy to secure. Today, there is explosive growth in wireless computing, both at the office and at home, and this presents entirely different security problems. Wireless computing is often called Wi-Fi, which stands for Wireless Fidelity.

It is useful to distinguish two different types of wireless networks. The office network that is meant to serve only authorized users, and the public network that is open to all. Public networks are increasingly being set up in airport waiting areas, hotels, coffee shops, pubs, community centers, and other public locations where people may find it convenient to send or receive e-mail, link to their office network, or simply surf the Internet.

By design, every wireless access point -- which serves as a gateway into the Internet or to an internal computer network -- transmits "beacons" announcing that there is an access point available for use. The beacon currently has a limited range, usually about 150 feet, although several networks can be linked to cover a larger area and wide-area wireless networks are also becoming available. Each wireless device, such as a laptop or PDA, that  is equipped with a wireless card and is turned on is constantly sending out signals called "probes," indicating that it is seeking to "hook up" with a nearby access point. This probe automatically detects the nearest access point, called a hot spot. A screen is then displayed to instruct the user on how to gain access to this network, which is usually as simple as entering a username and password.

Under these circumstances, it is easy for a hacker to gain access to any network that is not fully protected with a firewall, strong passwords, and encryption. "For a potential hacker, it is almost a case of walking down the street and trying all the doors until one opens -- it is almost inevitable that one will," according to John Worrall, vice president of RSA Security's worldwide marketing. A survey that picked up WiFi emissions by driving along the streets of New York, San Francisco, London, and Frankfurt, using free software downloaded from the Internet, found that between 34% and 39% of wireless access points in each of these cities were unprotected. That means they were transmitting information that would assist a hacker in launching an attack.1 Hackers call driving the streets to identify vulnerable wireless networks "war driving," which is comparable to "war dialing," the automated dialing of hundreds or thousands of telephone numbers to identify vulnerable modems.

The office and public wireless networks present distinctly different security problems. For the office networks, a principal problem is that the individuals setting up the network sometimes fail to understand the security requirements. The WiFi equipment comes with a default setting configured by the manufacturer. If this default setting is not changed, and it often isn't, then any hacker who knows the default setting, as most of them do, can gain access to that wireless network. And sometimes the network fails to require identification and authentication of all users. The problem of insecure office networks can be partially solved by encryption, which will be built into some future WiFi systems.

The security problem is quite different at public wireless hotspots, as they are intended to be accessible to the public. A person walking on the street with a digital personal assistant (PDA) or a special device small enough to be attached to a keychain can identify when they are in range of a wireless network. Many hotels and airports have installed high-speed wireless networks so that people can surf the Internet or access their office network while traveling. However, there is considerable variation in the security measures built into these networks. Although many of these networks employ some security precautions, the wireless network is not responsible for the security of your communications.

There are three kinds of risk:

• That others linked to the same wireless network will be able to monitor your online activity.
   
• That an intruder linked to this network will be able to gain access to your files.
   
• That an intruder who learns your password and other procedures for linking to your office will be able to use that information to gain access to your office network and be able to see all the information on that network that you are authorized to see.

The bottom line is that all public wireless access points are inherently insecure. That does not mean, however, that you cannot use them. They can be used securely, but the burden for using them securely rests squarely on you. You cannot count on the hotel, airport, coffee shop, or whoever to provide secure, publicly available, wireless access to the Internet.

Most companies provide what is called a virtual private network (VPN) so that traveling employees can access their office network. This sets up a secure "tunnel" for the transmission of information between the traveler and the home office, but even a VPN is vulnerable to hackers if it is not set up properly or if the hacker can piggyback on your access to that network.

Here is what you need to do if you are using a wireless network to access the Internet:

• Install a good personal firewall and anti-virus program on your laptop. This helps prevent intruders from gaining access to your computer. Periodically check the firewall logs for evidence of attempted intrusion.
   
• Make certain that all e-mail and sensitive files are encrypted before they are sent or received. This will prevent others with access to the same wireless network from reading your messages.
   
• Check your network settings and ensure that your system is set with "file and printer sharing" disabled. File and printer sharing is a feature that enables other computers on a network to access resources on your computer, as in peer-to-peer sharing of music or movies. Disabling this setting prevents others from accessing files on your computer under certain circumstances.
   
• Use a strong password when accessing a VPN. If your password is broken, others could use your password to access your office network.
   
• Make sure you have the latest security updates for your operating system. This corrects known weakness that hackers may exploit.

The following are some of rules for use of wireless devices that apply to all Department of Defense personnel, contractors, and visitors that enter DoD facilities or that have access to DoD information.2 Similar rules may apply in other federal agencies. These rules apply to defense industry only to the extent that they are specified in the National Industrial Security Program Operating Manual (NISPOM) or directed in a classified contract.

• All users of a wireless device must identify themselves and be authenticated before gaining access to a DoD information system.
   
• Encryption of unclassified data is required for transmission to or from any wireless device. Exceptions may be granted by a Designated Approving Authority. Encryption for voice transmissions via the Internet is desirable but not mandatory.
   
• Wireless devices shall not be used for storing, processing, or transmitting classified information without explicit written approval of the cognizant Designated Approving Authority. When approved, only NSA-approved encryption shall be used.
   
• Cellular/PCS and/or other RF or Infrared (IR) wireless devices shall not be allowed into an area where classified information is discussed or processed without written approval from the Designated Approving Authority.
   
• Wireless technologies/devices used for storing, processing, and/or transmitting information shall not be operated in areas where classified information is electronically stored, processed, or transmitted unless approved by the Designated Approving Authority.

References
1. CMP Media LLC. Wireless Survey: Many Nets Open to Security Breaches. TechWeb, Mar. 10, 2005.
2. DoD Directive 8100.2, Use of Commercial Wireless Devices, Services, and Technologies in the Department of Defense (DoD) Global Information Grid (GIG), April 14, 2004.
 

HOME   |   COMPUTER VULNERABILITIES CONTENTS   |   TOP OF PAGE   |   HELP

INFORMATION | CONDUCT | THREATS | TECH VULNERABILITY | ASSISTANCE
SPY STORIES | TREASON 101