Wireless Computer Networks and You

 

            Wireless computer networks are becoming popular. They can be easy to set up without the need for hard wiring of ethernet cables throughout a business or home. These networks however have become a favorite target of hackers. Hackers call driving around with a laptop and sniffer software "war driving". In a test in San Diego, a computer security consultant named George Spillman did "war driving" past shopping centers, apartment complexes and suburban neighborhoods for 15 minutes and logged hundreds of wireless AP's (Access Points) (The kansascitychannel.com).

            Drive-By Hackers can use this type of information to attack both business and home networks. When a hacker focuses on a specific network, he can learn business and personal information such as account information, financial information, passwords, e-mails, proprietary information, confidential information, confidential photographs, business plan details, business projections, cash flow information, banking information such as online account access codes and any other type of information which can be stored on a computer. Security information and security systems which involve physical access to an address can also be compromised. Child pornographers can use your network to mask their clandestine or felonious activities. The owner of the network would be the one to get in trouble with the prosecutors.

            Hardening a network against such drive-by hackers is difficult if not impossible. The use of encryption software, frequent password changes, and network shutdown periods can help, but none are foolproof.

            If you use Wi-Fi locations such as coffee shops, internet cafes, hotels, motels, or other businesses who provide an access portal to the internet for you, then you can be hacked without having the ability to protect yourself at all. Even palm pilots and other PDA (Personal Digital Assistant) devices which have wireless modem capabilities are compromised by these criminals.

            In order to control access to your network, these drive-by hackers can modify their wireless modem cards to have stronger signal strength by adding a secondary, larger antenna.

            The standard IEEE 802.11b regulates these wireless networks. The article "Factual and Legal Risks Regarding Wireless Computer Networks" by Dornseif gives a comprehensive look at the ways to hack a wireless network. In this article it is described how even passwords and security setups can be overcome, allowing the hacker access to your network. This article also describes the law in Germany which deals with this kind of piracy. Data Theft from a hard wired network can be achieved if there is just one wireless Access Point, thus compromising a network which in every other way is secure to theft and piracy. Data manipulation can destroy financial and business records, causing potentially unlimited destruction and financial ruin.

            Specific methods of compromising a wireless network include the following: calculating the password, dictionary attack, packet modification, packet creation, brute force attack, replay attack, and evil twin attack. Details of these methods are given in the article by Dornseif.

            Sniffer software that is used by these hackers is available to anyone. Specific titles of this sniffer software are Netstumbler and BSD 4.4lite dstumbler. When such laptop/sniffer software is used it is possible to map access points throughout a large city in a very short period of time. Dornseif was able to find 157 networks in the city of Bonn in Germany. In Cologne Germany, Dornseif found 125 networks. The networks which were found could be classified into the following categories: 4% were ad hoc networks, 28% used WEP (Wired Equivalent Privacy) coding, 21% were hidden SSID networks, while the remaining 47% of the networks used no protocol security functions at all. This means that nearly half of all of the wireless networks in use had no security at all. This makes the drive-by hacker a very great security threat to the entire internet. It is possible to have a hacker insert a virus at one of these unprotected nodes and infect the entire internet with no way to trace who introduced the virus. Terrorists who want to cause extreme financial destruction can use this weakness to attack the internet in any and all cities of the western world. In the case of those networks which had some security implemented, it was determined that 60% of these networks had not changed the factory set names and settings of their hardware, showing that the lazy attitude of some network administrators made the majority of supposedly secured networks vulnerable to attack.

            In conclusion, the expanded use of wireless networks is certain to continue.

            There are certain security techniques available to harden a network. None of the standard methods will stop a dedicated hacker.

            Changing passwords and turning off your network are simply not enough to limit the potential for malicious activity.

            The global internet is at great risk from these criminals and terrorists. It can be envisioned that a major attack on our global economy can be launched from places as benign as the local coffee shop or the local hotel with a WLAN service.

Bibliography:

'Drive-By Hackers' Target Wireless Computer Networks - http://www.thekansascitychannel.com/technology/2606632/detail.html

 

Factual and Legal Risks Regarding Wireless Computer Networks - Maximillian Dornseif - arxiv.org/pdf/cs.CY/0204021

 

Students project evaluates security of wireless computer networks - Terry Rombeck - http://www.ljworld.com/section/citynews/story/81268