Local and wide area network-based radio networks offer convenience,
but at a cost - security issues are a key concern for operators.
Danny Bradbury explores the problem areas and finds out what can be
done to minimise the risks
Ever since the Institute of Electrical and Electronics Engineers
(IEEE) launched the 802.11b wireless standard, there have been fears
about its security. Broadcasting data packets over a 1,500m radius
is different from sending them over cables. Security experts are
concerned at the disparity between the amount of wireless network
activity in the corporate community and the low level of awareness
of the vulnerability of radio local area networks (Lans).
The problem with broadcasting corporate data over a relatively wide
area is that smart people with the right equipment can intercept
the signal, says Geoff Davies, managing director of security
consultancy I-Sec.
At the recent Infosec security conference in London, an I-Sec team
demonstrated how a wireless 802.11b network could be hacked using
no more than an empty tube of Pringles crisps and a copy of a
wireless Lan sniffing service called Netstumbler.
"The tube is the correct length for the radio signal, and there is
a bit of metal you can fashion that acts as a 2.4GHz radio antenna,
providing a signal boost," says Davies, arguing that a
do-it-yourself antenna of this sort will cost you less than the
equivalent £85 unit bought in the high street.
So how can such networks be hacked?
The biggest problem lies with inadequate security standards and
with poorly configured devices, explains Davies. For a start, most
of the wireless base stations sold by suppliers come with the
in-built security Wired Equivalent Privacy (Wep) protocol turned
off. This means that unless you manually reconfigure your wireless
access points, your networks will be broadcasting data that is
unencrypted. This problem is not necessarily new; after all, many
firewalls also need to be configured before they can be used
securely. But then, conventional firewalls are not used to
broadcast data across a wide area.
Even when you do turn on Wep, there are still problems inherent
within it. The problem lies in the protocol's encryption key
mechanism, which is implemented in such a way that the key can be
recovered by analysing the data flow across the network over a
period of time. This has been estimated at between 15 minutes and
several days.
A response on the popular geek bulletin board Slashdot from Stuart
Kerry, chairman of the Standards Working Group for Wireless Lans
at the IEEE 802.11 committee, protested that attacks using this
vulnerability would take considerable development resources and
computer power.
However, this no longer seems to be the case. An open source Wep
cracker called Airsnort requires between five million and 10
million packets to be gathered from a wireless network before
cracking the key in less than a second. There is another tool
called Wepcrack.
Meanwhile work is in hand in the IEEE's 802.11i committee to create
a more up-to-date version of the standard.
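The weakness described above stems from how Wep keys each frame: a 24-bit initialisation vector (IV), sent in the clear, is prepended to the shared key to seed the RC4 stream cipher. The following is an added example, not code from the article or from any of the tools it names, showing the consequence of that design with a textbook RC4 implementation: once an IV repeats, the keystream repeats, and the XOR of two ciphertexts is simply the XOR of the two plaintexts. It also computes how quickly the IV space is used up. This goes slightly beyond the article, which only states that the key can be recovered over time; the full key-recovery attack is not shown here. The sample frames, key and packet rates are constructed for the demonstration.

```python
"""Added example (not from the article): why Wep's 24-bit per-frame IV is too
small. Wep seeds RC4 with IV || shared_key; the IV travels in the clear in
every frame. When an IV repeats, the keystream repeats, and the XOR of the two
ciphertexts equals the XOR of the two plaintexts. The RC4 below is textbook
code for modelling only, not a production cipher.
"""
import math

IV_BITS = 24
IV_SPACE = 1 << IV_BITS  # 16,777,216 possible IVs per shared key


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Textbook RC4 (key-scheduling plus keystream generation)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(iv: bytes, shared_key: bytes, plaintext: bytes) -> bytes:
    """Model of a Wep frame body: RC4(IV || key) XOR plaintext.
    Real Wep also appends an integrity check value; omitted here."""
    if len(iv) != 3:
        raise ValueError("Wep IVs are 24 bits (3 bytes)")
    keystream = rc4_keystream(iv + shared_key, len(plaintext))
    return xor_bytes(plaintext, keystream)


def keystream_reuse_leak(iv: bytes, key: bytes, pt1: bytes, pt2: bytes) -> bool:
    """True when two frames under the same IV leak P1 XOR P2 to a passive
    listener, i.e. C1 XOR C2 == P1 XOR P2 (the keystream cancels out)."""
    c1 = wep_encrypt(iv, key, pt1)
    c2 = wep_encrypt(iv, key, pt2)
    return xor_bytes(c1, c2) == xor_bytes(pt1, pt2)


def iv_collision_probability(frames: int, iv_space: int = IV_SPACE) -> float:
    """Birthday bound: probability that at least one IV repeats among
    `frames` frames whose IVs are chosen uniformly at random."""
    return 1.0 - math.exp(-frames * (frames - 1) / (2.0 * iv_space))


def seconds_to_exhaust_ivs(frames_per_second: float, iv_space: int = IV_SPACE) -> float:
    """Time for a card that increments its IV sequentially to wrap around
    the whole IV space, after which every keystream is reused."""
    return iv_space / frames_per_second


if __name__ == "__main__":
    # Constructed sample values: a 40-bit shared key and two short frames.
    key = bytes.fromhex("0badc0ffee")
    iv = b"\x00\x00\x01"
    pt1 = b"GET /payroll/q1.xls HTTP/1.0"
    pt2 = b"GET /index.html HTTP/1.0   "
    print("keystream reuse leaks P1 XOR P2:", keystream_reuse_leak(iv, key, pt1, pt2))
    print("collision probability after 5,000 random IVs:",
          round(iv_collision_probability(5000), 3))
    print("hours to wrap sequential IVs at 500 frames/s:",
          round(seconds_to_exhaust_ivs(500) / 3600, 1))
```

The numbers make the article's "over a period of time" concrete: a busy access point sending a few hundred frames per second runs through all 16.7 million IVs in well under a day, and random IVs start colliding after only a few thousand frames.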
Another problem, says Davies, is that the service set identifier
(SSID) - a 32-character unique identifier attached to the header of
packets sent over a wireless Lan - is sent as unencrypted text and
is vulnerable to being sniffed by third parties. The SSID acts as a
network identifier, used to lock out devices that do not know the
network ID.
Unfortunately, says Davies, most supplier equipment is configured
to broadcast the SSID automatically, essentially giving new devices
a ticket to join the network. While this is useful for public
wireless networks in places such as airports and retail
establishments - in the US for example, Starbucks is offering
802.11b access in some of its stores - it represents another
security loophole for corporates that do not switch it off.
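Both settings Davies describes, Wep left off and the SSID broadcast in the clear, are visible in the beacon frames an access point transmits: the capability field carries a Privacy bit that is set only when Wep is on, and the SSID travels as a plain tagged element. The following is an added audit example, not code from the article or any tool it mentions, that parses such beacons from a capture of your own access points and flags the two weak settings. The frame layout follows the IEEE 802.11 management frame format; the sample frames, BSSIDs and SSID are constructed here rather than captured.

```python
"""Added audit example (not from the article): parse 802.11 beacon frames from
a capture of your own access points and flag (a) the Privacy (Wep) capability
bit left clear and (b) the SSID broadcast in the clear. Sample frames below are
constructed for the demonstration, not real captures.
"""
import struct
from dataclasses import dataclass
from typing import Dict, List

MGMT_HEADER_LEN = 24      # frame control, duration, addr1-3, sequence control
BEACON_FC_BYTE0 = 0x80    # type = management (00), subtype = beacon (1000)
CAP_PRIVACY = 0x0010      # capability information bit 4: privacy (Wep) required
SSID_ELEMENT_ID = 0       # tagged parameter ID for the SSID


@dataclass
class Beacon:
    bssid: str
    ssid: str
    ssid_broadcast: bool  # False when the SSID element is empty or all nulls
    privacy: bool         # True when the Privacy bit is set (Wep on)


def _mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def _parse_elements(body: bytes) -> Dict[int, bytes]:
    """Walk the (ID, length, value) tagged parameters after the fixed fields."""
    elements, pos = {}, 0
    while pos + 2 <= len(body):
        eid, elen = body[pos], body[pos + 1]
        value = body[pos + 2:pos + 2 + elen]
        if len(value) < elen:      # truncated element: stop rather than over-read
            break
        elements.setdefault(eid, value)
        pos += 2 + elen
    return elements


def parse_beacon(frame: bytes) -> Beacon:
    if len(frame) < MGMT_HEADER_LEN + 12:
        raise ValueError("frame too short for a beacon")
    if frame[0] != BEACON_FC_BYTE0:
        raise ValueError("not a beacon frame")
    bssid = _mac(frame[16:22])     # addr3 is the BSSID in a beacon
    # Fixed fields: 8-byte timestamp, 2-byte interval, 2-byte capability (LE)
    capability = struct.unpack_from("<H", frame, MGMT_HEADER_LEN + 10)[0]
    elements = _parse_elements(frame[MGMT_HEADER_LEN + 12:])
    raw_ssid = elements.get(SSID_ELEMENT_ID, b"")
    hidden = len(raw_ssid) == 0 or all(b == 0 for b in raw_ssid)
    ssid = "" if hidden else raw_ssid.decode("utf-8", errors="replace")
    return Beacon(bssid, ssid, not hidden, bool(capability & CAP_PRIVACY))


def audit_beacons(frames: List[bytes]) -> List[str]:
    """One finding per weak setting, keyed by BSSID."""
    findings = []
    for frame in frames:
        b = parse_beacon(frame)
        if not b.privacy:
            findings.append(f"{b.bssid}: Privacy bit clear, traffic sent unencrypted")
        if b.ssid_broadcast:
            findings.append(f"{b.bssid}: SSID '{b.ssid}' broadcast in beacons")
    return findings


def build_beacon(bssid: bytes, ssid: bytes, privacy: bool) -> bytes:
    """Construct a minimal beacon for testing (sample data, not a capture)."""
    header = (bytes([BEACON_FC_BYTE0, 0]) + b"\x00\x00" + b"\xff" * 6
              + bssid + bssid + b"\x00\x00")
    capability = 0x0001 | (CAP_PRIVACY if privacy else 0)   # ESS bit plus Privacy
    fixed = b"\x00" * 8 + struct.pack("<H", 100) + struct.pack("<H", capability)
    ssid_ie = bytes([SSID_ELEMENT_ID, len(ssid)]) + ssid
    return header + fixed + ssid_ie


# Constructed sample frames: one weak access point, one with both fixes applied.
SAMPLE_FRAMES = [
    build_beacon(b"\x00\x11\x22\x33\x44\x55", b"corp-lan", privacy=False),
    build_beacon(b"\x00\x11\x22\x33\x44\x66", b"", privacy=True),
]

if __name__ == "__main__":
    for finding in audit_beacons(SAMPLE_FRAMES):
        print(finding)
```

Run against frames exported from a packet capture taken next to your own access points, this produces the same two findings the article warns about; a clean run means Wep is at least switched on and the SSID is no longer handed out in every beacon, though, as the article goes on to say, Wep itself should still be treated as insecure.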
Finding Lans to crack is not a problem for would-be hackers, thanks
to the online community. Other programs that can sniff for wireless
Lans and their vulnerabilities include Kismet
(www.kismetwireless.net/) and Wellenreiter (www.remote-exploit.org/).
"Some of these programs can handle a GPS device plugging into them,
so that they can log the co-ordinates," says Davies. "Then using
programs such as Multimap, someone can put in the longitude and
latitude. They can drive around and produce their own maps. This is
how we got put on to wireless problems - someone showed me a copy
of a map of Brighton."
Such maps are easily available on the Internet; the Kansas
University's vulnerability mapping project yields a map of Wan/Lan
vulnerabilities in downtown Kansas, for example
(www.ittc.ku.edu/wlan/).
Legal risks
Running a firewall that broadcasts insecure
data to potential snoopers could land you in trouble with the
Information Commissioner if that data includes customer
information, warns Rupert Battcock, a solicitor at legal firm
Nabarro Nathanson. "The Data Protection Act has a requirement that
if personal data is being processed, there must be adequate
protection in place," says Battcock. "If an organisation is
sending data by wireless means, it could be in breach of the
seventh data protection principle which covers access to personal
data."
Still, wireless Lan technology can be a boon to organisations with
many mobile workstations or personal digital assistants, for
example. Companies in buildings that are difficult to network will
find them useful, as will those that encourage hotdesking among
staff.
There are some things that you can do to take advantage of wireless
Lan technology while minimising your risk. Building remote
authentication dial-in user service (Radius) authentication into
your Wan/Lan network structure is a good idea, but this only
authenticates users
and still leaves your network vulnerable to sniffers with
Wep-cracking equipment. The most advisable course of action is to
consider Wep to be an insecure mechanism and to run something like
IPSec encryption on top of it, effectively creating a virtual
private network (VPN) for your users.
A VPN will increase the cost of your network, but you can base your
decision on whether to implement it by using the same course of
action that you should be taking with all other parts of your
infrastructure. Map the risks described here against the business
data that you will be passing over radio, and assess the financial
impact of a breach. If the data is too critical, reassess what
should be passed over the network, or use a VPN to bump up your
protection.
Companies worrying about the security of their wireless Lans should
also consider the dangers of sending sensitive information over
cellular links. While the risk of interception over GSM is
relatively low, although still present, things get considerably
riskier over GPRS networks, say pundits.
But modern GSM cellular links (over which many Wireless Application
Protocol (Wap) data sessions are still carried) are bad enough.
Things became considerably better security-wise when the world
moved from first-generation analogue cellular links to
second-generation digital connections using GSM. At that point,
voice communications became digitally encrypted. However,
persistent (and rich) hackers can still listen to your staff or
customers' conversations thanks to some flaws in cellular network
security.
Gunter Ollman, manager of X-Force security assessment services at
security consultancy Internet Security Systems, says it is possible
to spoof a phone using a fake base station due to a lack of base
station authentication by the phone. However, the cost of a genuine
base station - if a cellular supplier will sell you one - or a fake
one is considerable.
Another potential security flaw in GSM phones is mainly the fault
of lazy Sim (Subscriber Identity Module) card manufacturers. Sim
cards are portable cards used within GSM phones to identify a phone
to the network. The Comp128 algorithm is used to encrypt the
credentials on the card. The encryption mechanism was cracked in
1998 and companies should have stopped using it - but they have
not, says Ollie Whitehouse, managing security architect at security
consultancy @Stake - primarily because Comp128 is so well-known and
cheap to burn on to Sim cards.
It is possible to clone such cards using kits that the unscrupulous
can buy for less than £100. GSM service providers will be watching
for concurrent calls using the same Sim code, which makes card
cloning risky, and a newer version of Comp128 (Comp128-2) has been
produced, which will make it much harder.
Over-the-air decryption is much more difficult because of the
encryption technologies used to encode these signals. A team at
Berkeley University claims to have done it theoretically, but has
not demonstrated it in practice.
An online search for passive briefcase-sized GSM monitoring and
decryption systems will reveal a couple for sale on the
international market. Again, the investment required is
considerable, says Alex Blomberg, head of Tandor, a firm
specialising in cellular security systems, who says that they are
mainly used by government organisations.
The bottom line is that an attacker would need to be accessing very
sensitive data to make it worth the investment in GSM monitoring or
decryption kit. Sim cloning is a more real danger. But, says
Whitehouse, the first-generation Wap standard used for mobile data
applications represents another risk. Wap uses the Wireless
Transport Layer Security (WTLS) protocol to secure data links, but
there is a flaw in version 1.0 of the standard. It uses the User
Datagram Protocol (UDP) for sending information between the cellular
service provider's network and the phone because it handles narrow
bandwidth and unreliable connections more effectively. The
conventional Internet Protocol (IP) is used on the internal
network. Because of the translation needed between the two
protocols, data needs to be decrypted at some point in the network,
and this happens on a Wap gateway operated by the cellular
provider. The lack of end-to-end encryption makes data
vulnerable.
One answer to this problem is to run another encryption protocol on
top of the existing Wap security protocol using digital keys
processed by the phone, but most phones cannot handle the digital
key encryption and decryption required in a time acceptable to the
user.
Fortunately, with the recently approved Wap 2.0, IP is used all the
way through the session, which makes end-to-end encryption
possible, says Whitehouse. This makes Wap viable from a security
standpoint, especially over relatively hard-to-crack GSM links.
Unfortunately, just as the application layer becomes more secure,
it appears that the transport layer is becoming more vulnerable.
For data sessions, many people will be moving from GSM to GPRS, a
2.5G transport. Although Wap 2.0 with its increased security
specification runs perfectly well over GPRS, Whitehouse says some
implementations of the GPRS specification are less secure than GSM.
"@Stake has already broken into GPRS networks from the end of the
phone," he says. "GSM was a closed system using band-managed
infrastructure. In GPRS you can draw a dotted line from the handset
to the sensitive parts of the network."
The problem is that while GSM runs on an encrypted,
circuit-switched system, the packet-based nature of GPRS makes it
look like an IP network all the way from the phone to the inside of
the operator's network, and beyond to the content provider's
back-end system. And with what result?
"The attack platform is the laptop and the GPRS modem," says
Whitehouse. "You can use a full suite of penetration tools just as
you would on a wireless Lan."
Content providers should not rule out GPRS-based services as they
are likely to be a lucrative source of revenue over the next five
years, as the market matures. But it would be worthwhile getting a
demonstrable guarantee that a provider's GPRS network (and
particularly the link between its network and yours) has been made
secure using standard network protection techniques. Running a
penetration test on your own network through the provider's GPRS
infrastructure would be an astute move.