Wireless networks at risk from 'jamming'

Enterprise wireless networks are at risk from a widespread unfixed flaw that can lead to a simple denial of service attack.

Enterprise wireless networks are at risk from a widespread unfixed flaw that can lead to a simple denial of service attack.

Researchers at Queensland University in Australia have discovered a hardware configuration flaw in wireless access points, which could allow anyone equipped with a standard wireless access card and PDA or laptop to "jam" any wireless network within a 1km radius.

The flaw allows attackers to send repeated requests to the wireless access point. Other users will receive a "network busy" message and will not be able to connect to the network.

None of the Wi-Fi equipment manufacturers has devised a fix for the hole. The flaw affects all 802.11b-based networks, the majority of installed systems, and 802.11g-based networks running at below 20mbps.

In addition, 802.11g wireless points that also support 802.11b users can be targeted. Networks running on 802.11a are not affected, but this standard is not used in the UK.

Internet security testing company NTA Monitor told Computer Weekly the only solution to the problem is to use 802.11g at speeds of more than 20mbps or to transfer mission-critical data onto purely fixed-line networks.

802.11g can theoretically work at up to 54mbps, but actual working wireless speed depends on the user's fixed-line network speed, and many networks work at less than 20mbps.

NTA Monitor managing director Roy Hills said, "A company can prevent such an attack by shielding their buildings using a technique known as tempest-shield which blocks radio interference.

"However, this approach is generally only deployed as an anti-spying measure in government buildings.

"When dealing with this type of threat, for many, it is basically a trade off between functionality and risk," he said.

Rich Mironov, director at wireless network testing company AirMagnet, said, "The way to stop such attacks is to locate the device and turn it off. With this exploit, you must disable the sender."

Matt Broughton, network systems manager at Basildon & Thurrock University Hospital, has just rolled out a wireless network at the hospital, which supports 802.11g and 802.11b network card users.

He said, "As we rely on 802.11g at above 20mbps we should be all right as far as this problem is concerned."

Screening wallpaper stops jammers   

A future solution to the threat to wireless access points may lie in technology usually associated with the Stealth bomber, in the form of BAE Systems' Stealthy Wallpaper. 

The company's scientists used Frequency Selective Surface technology, more commonly found in military applications such as the Stealth bomber, to develop a flexible wireless screening material that is less than 0.1mm thick.

This allows the material to be easily applied to a wide range of surfaces and it can be made transparent for windows.  

Two varieties of the material have been developed: active and passive. The passive material permanently screens Wi-Fi transmissions but allows the transmission of mobile phone signals and radio frequencies of the emergency services.

The active material can be turned on or off so that Wi-Fi networks in different areas of a building can be linked or isolated as required.

Read more on Wireless networking