Friday, May 2, 2008

Wireless Threats

Wireless Vulnerabilities Present Enterprise-Wide Threats, Expert Says

Wireless is the greatest threat to corporate networks since the emergence of the Internet, AirPatrol CEO says

APRIL 28, 2008 | 5:40 PM

By Tim Wilson
Site Editor, Dark Reading

LAS VEGAS -- Interop/CSI SX Conference -- Wireless vulnerabilities in corporate environments are creating as great a threat now as the Internet did in its early days, a security expert said here today.

In a session at the Computer Security Institute's CSI CX conference, which is being held concurrently with Interop here, AirPatrol CEO Nicholas Miller said the rapid growth of wireless networking has increased the threat of wireless vulnerabilities to an unprecedented level.

"The problem is that wireless vulnerabilities don't just expose the user who's unaware of them, but the whole corporate network the user is attached to."

"I can go out in a car and sit in a parking lot with a wireless router and gain access to an amazing variety of systems," Miller said. "It's really a little bit scary."

In an effort to save money and reduce infrastructure, many companies are moving toward a wireless infrastructure, which puts their networks at a greater risk than ever, Miller says. Yet many of the old vulnerabilities that existed in the wireless environment still have not been resolved, he observed.

"We think the best approach is to attack the problem in the reverse way that they're currently doing, which is to put in a wireless network and then add a security solution," Miller said. "What we think they should do is deploy a wireless security system first, and then you could literally go out and buy the access points at Best Buy."

"What we're really saying is that the emperor's got no clothes. You don't need all of that complex wireless technology if you have a wireless threat management system in place with encryption and security."

Wireless infrastructure vendors offer some security capabilities, "but they are really looking for rogue access points, which is a tiny issue compared to the total problem associated with laptop security," he said. "You really need to look at the entire network -- you need to secure the endpoints."

The problem with most wireless technologies is that they don't account for the end user's location, Miller said. "All of a sudden people can have access to the network as if they were in the building, which is why we need location-based access in wireless. Any wireless product you're looking for should have that capability. If a hacker wants to break into the network, they should have to break into the building."

AirPatrol is working with CheckPoint to block wireless access from unauthorized access points via the firewall, Miller said. "We're blocking traffic at the edge of the network using CheckPoint firewalls, which is a new way to use the firewall. We're also working with a very large switch vendor to see this sort of access control at the switch level."

To be effective, a location-based wireless security system should be able to deliver accuracy within 10 feet of the user's location, Miller said. "Ten feet tells you it's Frank in accounting. Thirty feet tells you it's in the building."


No comments: