The security threat of wireless networks to the enterprise keeps growing, this time with the discovery of a new wireless attack. Dubbed “phlooding”, this new exploit targets businesses central authentication server with the goal of overloading it and cause a denial-of-service attack.
The “phlooding” attack, discovered by AirMagnet, describes a group of simultaneous but geographically distributed attacks that targets wireless access points with login requests using multiple password combination in what are known as dictionary attacks.
The multiple requests create a flood of authentication requests to the company’s authentication server, which could slow down logins and potentially interfere with broader network operations, since many different users and applications often validate themselves against the same identity management system.
Phlooding could effectively block broadband VPN or firewall connections that use a common authentication server to verify an incoming user´s identity, making it temporarily impossible for employees to access their corporate network.
“As our counterparts in wired security have discovered, it is no longer acceptable to wait for a vulnerability to be published, or worse, exploited, before taking action to protect against it,” said Dean Au, AirMagnet president and CEO. “By identifying new wireless attacks and providing pre-emptive protection against them, we´re able to guarantee that the integrity of our users´ networks isn´t compromised.”
Businesses with multiple office locations served by a single identity management server could be particularly vulnerable to phlooding attacks.