Businesses are embracing WLAN for many reasons, most commonly for the convenience it offers. No need for wires gives employees the freedom to work in common areas or from hard-to-reach places. Employees are also finding the convenience of remote working using WLAN from home and public hotspots.
An increasing number of enterprises are even forgoing a wired infrastructure completely and relying upon wireless connections. It is a known fact that wireless has more than its share of security issues, and while most enterprises have already implemented or plan to implement WLAN, it is essential that they understand the technology and all the risks associated with it.
A Bit About WLAN
Most WLANs currently run on 802.11b, which is also commonly referred to as Wi-Fi. A number of recent 802.11x protocols have been released or announced, aimed at improving security features, increasing network speeds and adding high-bandwidth applications. The 802.11b protocol has been around for a while now, and delivers up to 11 Mbps throughput. Today, 802.11g and its counterpart 802.11a products are widely available, and they can send packets at up to 54 Mbps. The wireless access signal typically extends anywhere from 100 to 300 feet – far enough to service employees at the same company within the same office building.
The most recent announcement is the IEEE ratification of the 802.11i protocol, which replaces the current WPA (Wi-Fi Protected Access) standard. WPA is considered an interim standard that fixes many problems associated with the early WEP (Wired Equivalent Privacy) standard. While WEP addressed WLAN security from an encryption perspective, WPA improves WLAN security with 802.1x authentication and adds TKIP (Temporal Key Integrity Protocol), which is a better encryption protocol than WEP. 802.11i will improve security even more by employing a stronger authentication scheme called AES (Advanced Encryption System).
Studies show enterprise adoption of WLAN is rapidly growing. According to a recent Gartner (1) report, “not only are employees increasingly using these networks in their homes and at public ‘hot spots,’ but, by the end of 2004, over half of all business mobile PCs will be able to connect to them.” The convenient nature of wireless networks is very appealing for many businesses. On the other hand, wireless access is also appealing to a growing number of people who are actively seeking unauthorized access into unsecured WLAN connections.
Often, the WLAN signal doesn't stay within the four walls of the office, and is subject to being detected, used, and/or exploited by those known as War Drivers and War Chalkers. With the aid of some simple equipment and wireless access point “sniffer” software that is readily available for download on the Internet, these individuals will roam around cities and towns looking for unsecured wireless access points.
War Drivers have their practice down to an art, and have dedicated many Web sites and message boards to improving their practice and sharing ideas. Serious War Drivers enlist the aid of more sophisticated equipment, including antennas that help pick up signals, and Global Positioning System (GPS) receivers that are used to get the exact coordinates (longitude and latitude) of a detected wireless access point for mapping purposes.
Another growing phenomenon is War Chalking, derived from the Depression-era practice of hobos signifying friendly homes and businesses by marking their sidewalks and fences. In the case of War Chalking, symbols are chalked on the building or pavement, indicating that a WLAN access point is present, so others may take advantage of the signal. There is always a danger that unprotected access points in your enterprise may be detected and exploited by these underground groups.
Motivations of War Driving
Of course, most War Drivers say they are not interested in causing harm to the unsecured wireless networks they come across. Some say they just want free Internet access, while others say they just log the access point and move on. To many, War Driving is an innocuous hobby and a game fueled by their interest in the technology. Others claim they are demonstrating the need for greater wireless security by showing the sheer number of unsecured wireless access points they come across. No matter how you look at it, if a War Driver taps into a business's wireless network, it puts the business at great risk. An open access point can leave an entire network exposed to hackers. The problem is not only the destruction they could cause to an enterprise network; there is also great potential for information theft. With the right software, a hacker would be able to see the contents of all the network traffic, including detail as specific as file and user names.
Unregulated Enterprise Access Points
A more prevalent but less publicized security problem than the War Driving phenomenon is the practice of employees setting up their own wireless access points and/or bringing their own wireless-enabled equipment into the office. Employees might spend a few hundred dollars on a wireless access point and Ethernet card to connect to the enterprise network so they can work from various locations around the office. Usually these unauthorized access points are not secured, and the enterprise IT department is not aware of them. Therein lies the greatest risk of wireless – trespassing through an employee's unsecured wireless access point, an attacker can often get total, unfiltered access to the enterprise network.
This common practice leaves the enterprise security team struggling to catch up and secure the unregulated wireless technology introduced by employees. Sometimes IT departments are trying to secure wireless technology they do not yet thoroughly understand.
Locking Down WLAN
Wireless access is not going to go away. In fact, in the coming years, most laptops, PDAs, handhelds and many smartphones will come WLAN-ready. Studies are showing that many enterprises are not taking wireless security seriously. As individual employees and workgroups have taken it upon themselves to implement this technology, IT departments are deciding they need to address wireless. Many enterprises are eager to implement wireless networks, but they should first have clear and compelling business reasons to use the technology, including an understanding of how the technology will change the business.
If you are considering WLAN, or have already deployed it, the network needs to be secure, but so do the devices that connect to that network. Enabling WEP provides minimal security by encrypting wirelessly transmitted data, and is not a reliable method by itself. Deploying an enterprise VPN, as well as WPA or 802.11i for encryption, authentication and access control, is recommended. IT should carefully evaluate cost and benefit when deciding on equipment vendors, as the AES encryption employed in 802.11i may require some hardware replacement on existing networks and devices. All wireless devices should be viewed as an extension of the wired enterprise network, and they should have antivirus, firewall and intrusion prevention protection.
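One way an IT team could check for the unauthorized access points and weak encryption settings discussed above is to compare a wireless site survey against its own inventory. This is an added example, not part of the original article; the inventory, the CSV layout, and all BSSIDs and SSIDs are constructed for illustration.

```python
import csv
import io

# Constructed inventory of IT-approved access points (BSSID -> location).
AUTHORIZED_APS = {"00:11:22:33:44:01": "lobby", "00:11:22:33:44:02": "floor 2"}
# Per the article: open or WEP-only is not enough; WPA or 802.11i is the baseline.
WEAK_MODES = {"OPEN", "WEP"}
# Constructed site-survey export; this CSV layout is hypothetical.
SAMPLE_SURVEY = """\
bssid,ssid,encryption,signal_dbm
00:11:22:33:44:01,corp-wlan,WPA,-48
00:11:22:33:44:02,corp-wlan,WEP,-61
00-AA-BB-CC-DD-10,linksys,OPEN,-55
00:aa:bb:cc:dd:11,printer-setup,WPA,-83
"""

def normalize_bssid(raw):
    """Lower-case and use ':' separators so inventory lookups are reliable."""
    return raw.strip().lower().replace("-", ":")

def audit_survey(survey_csv, authorized=AUTHORIZED_APS):
    """Return findings for APs needing attention, most urgent first."""
    findings = []
    for row in csv.DictReader(io.StringIO(survey_csv)):
        bssid = normalize_bssid(row["bssid"])
        weak = row["encryption"].strip().upper() in WEAK_MODES
        known = bssid in authorized
        if known and not weak:
            continue  # approved AP that meets the encryption baseline
        if not known and weak:
            issue, severity = "unauthorized AP, weak or no encryption", 3
        elif not known:
            issue, severity = "unauthorized AP", 2
        else:
            issue, severity = "authorized AP below encryption baseline", 1
        findings.append({"bssid": bssid, "ssid": row["ssid"], "issue": issue,
                         "severity": severity, "signal_dbm": int(row["signal_dbm"])})
    # Highest severity first; within a severity, strongest signal (nearest) first.
    findings.sort(key=lambda f: (-f["severity"], -f["signal_dbm"]))
    return findings

if __name__ == "__main__":
    for f in audit_survey(SAMPLE_SURVEY):
        print(f"[{f['severity']}] {f['bssid']} {f['ssid']!r}: {f['issue']}")
```

Normalizing the BSSID before the lookup matters because survey tools differ in case and separator, and a mismatch would report an approved access point as unauthorized.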
To rein in employees already using WLAN, develop a set of user security policies and standards in line with your security architecture and current wired security policy. Equally important is that users are educated about those standards and policies. Making each employee an active participant in the education process will help make it clear how vital their role is to security, and will ultimately make policy enforcement easier and more effective.
Enterprises that do not secure their wireless access points are at the mercy of War Drivers and other intruders seeking out open ports. As the popularity of WLAN continues to grow, so will the people looking to exploit it. Aside from the risks, securing wireless should be viewed by you and your security team as following a standard of due care. You take care to secure your wired infrastructure, and wireless should have the same consideration. There are some very good business reasons for implementing WLAN, but it is crucial that you first understand the risks associated with it, the business value of it, and the measures you must take to secure it.