Wireless technology is exploding in popularity. Businesses are not only migrating to wireless networking, they are steadily integrating wireless technology and associated components into their wired infrastructure. The demand for wireless access to LANs is fueled by the growth of mobile computing devices, such as laptops and personal digital assistants, and a desire by users for continual connections to the network without having to “plug in.”
“Wireless LANs are the major wireless security problem facing businesses through 2008.” Gartner, 2004
Like most innovative technologies, using wireless LANs poses both opportunities and risks. The wireless explosion has given momentum to a new generation of hackers who specialize in inventing and deploying innovative methods of hijacking wireless communications, and in using the wireless network to breach the wired infrastructure. In fact, hackers have never had it so easy.
What Makes Wireless LANs Different?
Traditional wired networks use cables to transfer information. Cables are a controlled medium, protected by the buildings that enclose them. External traffic that enters a wired network is policed by a firewall and intrusion-protection technologies. To gain access to a wired network, an intruder or hacker must bypass the physical security of the building or breach the firewall.
Wireless networks, on the other hand, use the air space to transfer information. The air space is an uncontrolled and shared medium—it lacks the equivalent physical control of its wired counterpart. Once a user connects a wireless access point into the network, its signals can travel through the walls, ceilings, and windows of the building. This renders the entire network accessible from another floor of the building, from an adjoining building, from the parking lot, or from across the street. Radio signals from a single wireless access point can travel up to thousands of feet outside of the building. Additionally, wireless devices share the airspace. Any wireless device in the network can “see” all the traffic of all other wireless devices in the network.
The Six Risks of Using Wireless LANs
Wireless introduces new security challenges. The same wireless technologies that operate without the physical and logical barriers of their wired counterparts, increase user flexibility, boost productivity, and lower network costs, can also expose network-based assets to considerable risk. The following describes the six greatest threats to WLAN security.
Risk One—Rogue Devices
Unauthorized rogue devices, particularly rogue APs, are the most daunting challenge created by wireless technology. The rapid proliferation of rogue devices poses a serious threat to the enterprise. According to analysts, there are tens of thousands of rogue devices in enterprise networks nationwide.
A rogue AP can be a soft AP, hardware AP, laptop, scanner, projector, or other device. Rogues provide an open entry point to the enterprise’s entire network infrastructure, bypassing all existing security measures.
Risk Two—Shifting Relationships
Wireless devices have constantly shifting network relationships with other wireless devices. Accidental association takes place when a wireless laptop running the LAN-friendly Windows® XP or a misconfigured client automatically associates and connects to a user station in a neighboring network. This enables intruders to connect to innocent user’s computers often without their knowledge, compromise sensitive documents on the user station, and expose it to even further exploitation. This danger is compounded if the station is connected to a wired network, which is also now accessible.
Risk Three—Network & Device Vulnerabilities
Insecure wireless LAN devices, such as access points and user stations, can seriously compromise both the wireless network and the wired network. Hackers target insecure devices, using specialized tools to break encryption and authentication.
Risk Four—Threats & Attacks
Wireless networks introduce multiple venues for attack and penetration that are either much more difficult or completely impossible to execute with a standard, wired network.
Risk Five—Exposure of the Wired Network
Most enterprise wireless LANs connect back to a wired network at some point. Hackers can use any insecure wireless station as a launch pad to breach the network. Additionally, misconfigured access points can act as a bridge to the wired network, sending multicast, wired data, and credentials into the air, where they can be intercepted by intruders and hackers on the wireless side of the network. Also, enterprises that use routing protocols, such as HSRP (hot standby routing protocol), can fall prey to hackers doing wireless reconnaissance for topography information about the wired network. These types of protocols reveal information that can enable a hacker to do traffic analysis of the enterprise, such as the devices in use, MAC addresses, IP addresses, and traffic routes.
Risk Six—Operational Issues
Wireless LANs have operational issues that can compromise the usability of the wireless network, issues that impact availability, performance, security, and cost. To alleviate these issues, wireless LANs require effective operational support mechanisms to run smoothly. Support for wireless LANs cannot depend on traditional wire-based support tools, but instead, must have tools that monitor performance, diagnose faults, and monitor for network use and misuse.