Wireless network security: Repelling evildoers


Maxine Kincora
04.18.2005

Wireless networks are becoming more complex and crucial as the on-the-go need for Internet access rises. Most network security issues are similar, regardless of how big or small a company is, or whether the networks are wireless or not. There are hackers, the people who take advantage of your wireless network's overlap, and there are company employees using their own personal wireless devices at work.

Every company with wireless devices has to worry about hackers and security issues. Wireless vulnerabilities are widespread, but with awareness and policies in place, wireless attacks can be kept to a minimum.

The evil twin attack

The evil twin attack is a wireless phishing scam in which a hacker simulates a hot spot connection and users are duped into connecting to a malicious server.

For example, the hacker could be what appears to be a regular customer at a "Wi-Fi" coffee shop, drinking a mocha latte and working on his laptop. In walks your company's salesperson, who sits down with his laptop and coffee and logs onto the Internet. The salesperson uses a company credit card to pay for access to the Web. He logs onto the company network using his user name and password. He accesses client files, then logs onto his bank's homepage to check his bank balance. He logs off and leaves.

The salesperson has signed onto the hacker's "network" via his simulated Wi-Fi hot spot. The villain leaves the café with the salesperson's company credit card number, client information and the salesperson's user name and password. He can now get into the company's wireless network, use the company credit card and get into the victim's personal bank account.

Prevention challenge

Preventing a successful evil twin attack from wreaking havoc is very difficult, but crucial. In fact, trying to stop the effect is like "closing the barn door after the horse is out," said Rich Mironov, vice president of marketing at AirMagnet Inc., a Sunnyvale, Calif.-based vendor of wireless security products.

The best way to avoid such attacks is to have a clear policy on how laptops and other devices are used outside the company. For example, you could require users to connect only to security-enhanced hot spots outside the office, such as T-Mobile's 802.1X-based authentication and encryption hot spots.

Intrusion detection software is a must-have safety measure that can block evil twins. For example, AirDefense, a wireless security company in Alpharetta, Ga., has personal and enterprise products that alert users that they are being redirected to an unintended access point. The personal product is a free download.

Typically, enterprise wireless intrusion detection systems from vendors such as AirDefense and AirMagnet are bundled with other wireless security tools that handle monitoring, management and security policy creation and maintenance. Prices run in the thousands of dollars, depending on the size of the network. AirMagnet's enterprise systems start at about $9,000, for example.

Price is right

The benefits of intrusion detection tools are well worth the cost, said Alex Kunz, chief technology officer at Nicholas K, an upscale clothing design firm in New York. He implemented security policies and installed AirMagnet's Laptop Analyzer and Surveyor tools when setting up the company's wireless network. Those products produced reports that alerted Kunz to possible dangers.

"We are based in a very urban area, and we typically see 80 to 100 outside connection events a day," Kunz said. "Any one of those could be malicious, but the AirMagnet tools repel those unauthorized users."

Ounce of prevention = pound of cure

Good policy and intrusion detection tools can also foil the plots of unauthorized wireless network users. Security policies should include basic steps such as surveying access points to ensure they are not broadcasting outside desired parameters, said Michael Gregg, president of the Solution Firm, an IT security consulting firm. Moving these offending access points is a simple process.

Another challenge is dealing with the clueless employees who use their own wireless devices. The ease with which wireless technology can be deployed is often a downfall, according to Lisa Phifer, vice president of Core Competence Inc., a network management consulting firm in Chester Springs, Pa.

"A wireless device can be plugged in and be up and running in less than 10 minutes," Phifer said. "Unfortunately, the built-in security measures, such as encryption, are turned off by default, and many people don't turn them on."

IT administrators must be diligent about encryption of their company's data, using the latest encryption standards, such as Windows Product Activation, Phifer said. Encryption can slow down a malicious hacker and completely shut out anyone who has just stumbled into an access point that is broadcasting.
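The following is an added example, not taken from the article or from any vendor product it names. It shows one way to express the two checks discussed above over a wireless scan: an access point advertising a trusted network name from a radio the company does not operate (the evil twin case), and a nearby access point running with encryption turned off. The inventory, the scan records, the field names and the signal threshold are all constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str        # advertised network name
    bssid: str       # radio address of the access point
    security: str    # "open", "wep" or "wpa", as reported by the scan
    channel: int
    rssi_dbm: int    # signal strength seen by the sensor

# Assumed inventory of company-operated access points (constructed values).
INVENTORY = {
    "CorpNet": {
        "00:11:22:33:44:01": {"security": "wpa", "channel": 1},
        "00:11:22:33:44:02": {"security": "wpa", "channel": 11},
    },
}
NEARBY_DBM = -60  # assumed: stronger than this means "probably inside the office"

def classify(b, inventory=INVENTORY):
    known = inventory.get(b.ssid)
    if known is not None:
        ap = known.get(b.bssid.lower())
        if ap is None:
            # Trusted name, radio we do not operate.
            return "evil-twin-suspect"
        if (b.security, b.channel) != (ap["security"], ap["channel"]):
            # Our radio address, but settings differ from the inventory.
            return "config-mismatch"
        return "authorized"
    if b.security == "open" and b.rssi_dbm >= NEARBY_DBM:
        # Unlisted, unencrypted and close by: candidate employee-installed device.
        return "unencrypted-nearby"
    return "external"

def report(scan, inventory=INVENTORY):
    """Group radio addresses by alert type, skipping benign verdicts."""
    alerts = {}
    for b in scan:
        verdict = classify(b, inventory)
        if verdict not in ("authorized", "external"):
            alerts.setdefault(verdict, []).append(b.bssid.lower())
    return alerts

# Constructed scan results for illustration.
SCAN = [
    Beacon("CorpNet", "00:11:22:33:44:01", "wpa", 1, -48),
    Beacon("CorpNet", "00:11:22:33:44:02", "open", 11, -52),
    Beacon("CorpNet", "DE:AD:BE:EF:00:01", "open", 6, -40),
    Beacon("linksys", "02:00:00:AA:BB:CC", "open", 6, -45),
    Beacon("CoffeeShop", "02:00:00:11:22:33", "open", 3, -82),
]
```

Calling `report(SCAN)` returns the flagged radio addresses grouped by alert type; the inventory has to be kept current, because the check is only as good as the list of access points the company actually operates.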

The best weapon against hackers and wireless security threats is a detailed, enforceable security policy. With policies and Wi-Fi security tools, IT managers can defeat the bad guys of wireless computing and provide a secure wireless network.


All Rights Reserved, Copyright 2007 - 2009, TechTarget