A field experiment conducted by an Ottawa area security firm indicates that wireless LANs are highly susceptible to hacker attacks — and most people aren’t even turning on basic protection.
Tenebris Technologies Inc., a security
firm that doubles as a private investigation agency, set up a “”honey pot”” wireless network on the outskirts of Ottawa just to see how many hackers it would attract.
Three months later, the network had received 40 connections, or “”associations.”” Thirty-one of those were probably harmless associations, says Tenebris president Eric Jacksch. It’s not hard to accidentally connect to a network with a laptop equipped with a wireless LAN card, he says.
Another eight associations were classified as “”unknown”” and were characterized by a connection, followed by request for IP, then an attempt to access the Internet. “”We have no way of knowing if it was an inadvertent connection . . . or whether it was someone trying to poke around and see if the network system was actually connected to the Internet,”” says Jacksch.
But one association was a determined 20-minute attempt to break into the network and access data. “”There’s no doubt what this particular person’s intent was,”” says Jacksch. “”They tried to break into the router, into the actual access point configuration . . . to see if they could try to reconfigure our equipment. They would probably have to be sitting in a parking lot or somewhere in the area.””
Even the 31 apparently innocuous associations could have been attempts to hack into the network. Brief connections are often the hallmark of “”war driving,”” says Jacksch, which is the practice of hacking into a company’s network by sitting outside their building with a laptop, or even in their lobby.
To be fair, it was open season on the honey pot network set up by Tenebris. The network was in a remote area, and its existence wasn’t advertised, but Jacksch didn’t turn on the most basic of wireless security measures, an encryption layer called wireless equivalent privacy, or WEP. What’s startling, though, is many network users don’t turn it on either. Jacksch estimates that 70 per cent of wireless LANs aren’t running WEP.
Some people just aren’t aware of the need to protect their wireless network, partly because they don’t realize that they operate on public frequencies, says Jacksch. Most of those unprotected networks are probably home users, he adds, but there are corporate networks out there too that don’t have WEP turned on either.
“”It baffles me that people are not taking the time to utilize the (security) functionalities,”” said IDC Canada Ltd. analyst Warren Chaisatien. Maybe it’s just human nature, he says. How many people, for example, change the PIN code after receiving an ATM card from a bank?
It’s all rather puzzling, he adds, since WEP is enough to provide basic protection for a most networks, and there are solutions available to make them more secure.
“”Wireless is as secure or as unsecure as you want to make it,”” says Bruce Comeau, western sales manager for 3Com Canada, one of the companies that sells wireless networking equipment and accompanying security products. “”Certainly in the enterprise, it’s not unlike anything else as far as locks on doors and desks go. You have to have a security strategy in place.””
Like Jacksch and Chaisatien, Comeau says it probably a matter of educating people that wireless networks are vulnerable and hacking into them is a simple matter unless proper security precautions are taken. The company offers wireless training to its resellers to pass this message along to customers.