Managing Security Risks in a Wireless World
Wireless networks are extremely prevalent today, both at home and in work settings. This increased adoption of wireless networks can be attributed to lower cost and ease of installation, combined with benefits such as increased portability and productivity.
Setting up wireless networks generally does not require drilling holes or cabling. All you need to do to connect is plug in a wireless access point (AP) or router. The lack of cabling expands a network to one without a physical boundary and allows an end user to be portable and productive from anywhere within the wireless network range.
This open connectivity brings with it risks, however, some of which are similar to those in wired networks, while others are unique and increased on wireless networks. Poor security standards, coupled with immature technologies, flawed implementations and limited user awareness, make it difficult to design and deploy “secure” wireless networks. All the vulnerabilities of wired networks exist in wireless networks as well. The most noteworthy is the openness of the communication medium (airwaves). This is akin to storing valuables in a glass safe.
Wireless security threats include confidentiality, integrity and availability (CIA) of resources and information. Organizations have information to protect. This information can be financial, personal and intellectual, all of which can be sensitive. Unauthorized intruders can intercept and gain access, disclosing sensitive information (confidentiality breach) if encryption and other protective mechanisms between wireless devices are weak or vulnerable.
Disclosed information can be altered (integrity breach) intentionally by the intruder or unintentionally due to malfunction in data-synchronization routines between the wireless clients and the back-end storage. Intruders can launch attacks against wireless devices in the network and consume network bandwidth causing Denial of Service (DoS) attacks (availability breach), as well.
Know Your Enemy
Sixth-century Chinese general and master military strategist Sun Tzu, in his book Art of War, wrote: “Know your enemy and know yourself, find naught in fear for 100 battles.”
Enemies and threat agents that exploit wireless security vulnerabilities can be grouped into three major categories:
Script kiddies ($cr1p7k1dd13s): These enemies are motivated primarily by the thrill of electronically trespassing and are deterred quite easily by simple security measures. They usually are unaware of the consequences of breach and use tools and scripts readily available to gain access to networks on which they are not authorized. They are the least of the threats and are also referred to as “war dialers.”
Resource thieves: They consume resources such as bandwidth and disk space, downloading pirated movies, MP3 and pornography using stolen airwaves and networks. They, like script kiddies, are motivated by thrill of freeloading and the need to be untraced. They are capable of writing scripts to exploit vulnerabilities, but often look for easily exploitable vulnerabilities and don’t pose a significantly greater threat than script kiddies.
Information thieves: They know exactly what they want (sensitive information), know how to get it, know how to hide their footprints and are capable of harm. They are not easily deterred and often go the extra mile in figuring out the network topology to gain access to the network.
The 5 W’s of Wireless Networks
With the understanding of the risks and threat agents associated with wireless networks, important questions one must answer before designing and implementing secure wireless networks are:
Why do you need to set up a wireless network? Ease of access (flexibility), unrestricted workspace (portability and productivity).
Where are you setting up the wireless network? Home, work, public location.
Who will be using your wireless networks? Internal employees, vendors, customers, general public. What is it that you need to safeguard? Customer information, financial information, intellectual property, trade secrets.
When should you setup a wireless network? The right time to setup a wireless network is when you can acceptably manage and mitigate risks.
At a bare minimum, the following should be in place to thwart intruders in wireless networks:
Change all default settings. Most wireless devices (routers and APs) come with weak default configurations. Blank admin passwords or “admin/admin” username password combinations are classic examples. Due to flawed implementation and limited user awareness and education on the implications of deployment of these wireless devices with default configurations, many wireless networks are susceptible to security threats.
Select products that can support more secure technologies. For backward compatibilities, if you are required to support weaker security technologies like Wired Equivalent Privacy (WEP) instead of Wi-Fi Protected Access (WPA and WPA2), do so only after doing a risk analysis and developing a plan to phase them out with products that can support more secure technologies. E.g., more secure technologies are WPA and client AP isolations in which the client devices on your wireless network cannot see one another.
Educate, train and certify users and employees. This is the most proactive approach to implementing security in wireless networks. There is no greater defense than educated and trained personnel making wise decisions pertinent to wireless security.
Get employees certified in wireless security. The Certified Information Systems Security Professional (CISSP) credential by (ISC)2 is a Gold Standard certification that covers wireless security concepts. Another good vendor-neutral certification is the Certified Wireless Security Professional (CWSP) by CWNP.
Placebo Wireless Security
Some of the most common wireless security measures are myths and give a false sense of security. These include:
SSID cloaking: The Service Set Identifier (SSID) in a wireless AP is the name configured to be broadcast to client devices (laptop, PDAs) so that they can associate with the AP. In SSID cloaking, the SSID is not broadcast by the AP, but is distributed by out-of-band mechanisms beforehand to the wireless network users. Most organizations use SSID cloaking as a security measure. Although this is a recommended best-practice by the PCI Data Security Standard (PCI DSS), it provides little to no protection because every time a client associates with an AP, the SSID is present in clear text, and a man-in-the-middle (MITM) attack can deduce the SSID, allowing an intruder to easily bypass any intended security mechanism.
MAC address filtering: Every network device has a unique machine access code (MAC). Allowing access to your wireless networks based on MAC addresses is akin to having a bouncer with a valid set of names to allow into the party. With a plethora of MAC spoofing tools, coupled with the MAC address being sent in the header of every packet, MAC address filtering easily can be defeated.
Disabling DHCP: Dynamic Host Configuration Protocol (DHCP) provides the automatic assignment of Internet Protocol (IP) addresses for the clients associating with the wireless network. Disabling DHCP has little to no security value, as it would take a determined intruder fewer than 10 minutes to determine the IP assignment scheme and bypass security controls.
The Real Deal
Now that we are aware of how not to secure a wireless network, how should we?
Start with physical access control. Walls and physical boundaries provide little to no protection against wireless security threats. Nevertheless, it is imperative that wireless security measures are supplemented with physical security controls such as gated access, motion detectors, closed-circuit televisio