Many companies are exposing confidential information by failing to restrict access to their wireless networks, writes John Collins
A security assessment of wireless networks in Dublin's business districts has found that more than half of them are potentially insecure and that hackers with even a modicum of skill could capture sensitive company information.
Consultants from Deloitte carried out a "war walk" last month in Dublin city centre, using a laptop computer and a directional antennae to detect Wi-Fi networks at a number of different locations. The term "war walking" or "war driving" refers to the practice of walking or driving around with a Wi-Fi-enabled device to search for open networks that the hacker can use to get free internet access.
Deloitte's exercise discovered 884 network points - wireless access points, ad-hoc computer to computer networks and PCs or laptops broadcasting a Wi-Fi signal but not connected to a network - on a random selection of Dublin streets. Of these, just 387 were using at least some form of basic encryption to stop unauthorised users logging on to the network and viewing information that is passing over it.
More worryingly, open Wi-Fi networks could act as a backdoor to allow attackers to bridge on to an organisation's wired networks which may contain even more sensitive information. Of those networks that were using encryption, the vast majority - 80 per cent - were using the less secure WEP standard.
"A lot of information still gets sent in plain text across networks," says Justin Wells, the executive with Deloitte's Enterprise Risk Services, who carried out the war walk.
"So if you had a wireless network open and someone was just listening, eavesdropping, you could come across things like passwords, usernames or even e-mails, text messages, anything really."
Deloitte's survey, which took place in Grafton St, Harcourt St, St Stephen's Green, Merrion Square, O'Connell St and the IFSC, underlines the growth in popularity of wireless connectivity among Irish businesses. But the growth has also opened a significant security risk, as it seems that most organisations are not putting in place the basic security measures.
"The door is certainly ajar for hackers to access confidential company information," explains Colm McDonnell, director of Enterprise Risk Services with Deloitte. "Companies not restricting access to their wireless infrastructure are potentially exposing sensitive internal systems and confidential information to outside parties."
Last Monday afternoon McDonnell and Wells re-created their war walk to demonstrate how easily information about company networks can be discovered. Wells carried a laptop running the open source Linux operating system in a backpack.
The laptop was connected to an omni-directional antennae which increases the distance over which a Wi-Fi signal can be picked up. Running on the laptop was a piece of software called Kismet, a freely available tool which sniffs wireless networks and grabs basic information about them. Similar tools are also available for the Windows platform which are even easier to use but not as powerful.
Amazingly one of the networks that was scanned displayed the name of a major global financial services organisation, which does, in fact, have an office on the street we had just walked down.
According to McDonnell displaying the name of the company in the SSID (service set identifier) is a bad idea as it makes it easier for hackers to access the network. "If you know who the company is, it's not too hard to get the names of users that are published on the web or in other publications," he explains. "Then it's just a password game."
Deloitte was keen to stress that at no stage did it log on to any of the networks in question so it can only say that the scanned networks were potentially insecure. To ascertain for certain whether the networks were insecure, a log-on attempt would have to be made.
A small number of the detected networks would also have been deliberately left open, eg in the case of cafes or other public premises that provide free wireless internet access to customers.
Practically all new laptops now shipped have built-in wireless networking capabilities and can act as the hub of an ad-hoc network. In addition wireless access points, which can be simply plugged into an Ethernet port on a network to provide wireless internet access, are on sale for less than €80. As a result, many IT departments may not even realise the extent to which they have a wireless Achilles Heel.
"The difficulty is that even if it is in your organisation, it's difficult to know it is there," says McDonnell. "The nature of it means that it's not on the whole time and you've got to effectively go around and sniff out your own organisation. Unless you are in the middle of the country you are not even going to be sure that what you sniffed is in your own organisation."
McDonnell points out that far from requiring a significant investment to make networks secure, the tools will already be available to the organisations as part of their network hardware (see panel). "People need to be educated not to have Wi-Fi on when they are connected to the wired network in the office," says McDonnell.
Deloitte plans to repeat the survey annually to see if the use of wireless networks is increasing and whether security is being better applied to them.