Latest update on Thursday 16 October 2008 à 09:43 by Jean-François Pillou.

Lack of security

Radio waves intrinsically have the power to propagate in all directions, with a relatively wide range. Because of this, it is very difficult to keep radio broadcasts confined to a limited area. Radio propagation also occurs three-dimensionally. The waves can therefore travel from one floor of a building to another (albeit with a high degree of attenuation.)

The main consequence of this "wild propagation" of radio waves is that a non-authorized person may be able to listen to the network, possibly beyond the enclosure of the building where the wireless network is set up.

The critical issue is that a wireless network can very easily be installed in a business without the IT department even knowing! An employee only has to plug an access point into a data port for all communication on the network to become "public" throughout the access point's broadcast range.

War-driving

Given how easy it is to "listen" to wireless networks, some people have taken to travelling around a city with a wireless-compatible laptop computer (or PDA) looking for wireless networks. This practice is called war driving (sometimes written wardriving or war-Xing for "war crossing"). Specialized war-driving software allows the locations of these open access points to be mapped accurately with the help of a Global Positionning System (GPS).

These maps can show available unsecured wireless networks, sometimes allowing people to access the Internet. Many websites have been started to share this information; in fact, in 2002, students in London invented a sort of "sign language" to indicate the presence of wireless networks in an area by drawing symbols on the sidewalk in chalk. This is called "warchalking". Two opposing semicircles mean that the area is covered by an open network that provides Internet access, a circle indicates the presence of an open wireless network without access to a wired network, and a W inside a circle shows that there is a properly secured wireless network.

Security risks

There are several risks involved in not properly securing a wireless network:

Data interception is the practice of listening in on the transmissions of various wireless network users.

Cracking is an attempt to access a local network or the Internet.

Transmission jamming means sending out radio signals so as to interfere with traffic.

Denial of service attacks make the network unusable by sending out false requests.

Data interception

By default, a wireless network is unsecured. This means that it is open to everyone, and anyone within the coverage area of an access point may potentially listen to communications being sent on the network. For an individual, there is little threat, as data is rarely confidential, unless the data is of a personal nature. For a business, however, this may pose a serious problem.

Network intrusion

When an access point is installed on a local network, it lets any station access the wired network, as well as the Internet, if the local network is connected to it. For this reason, an unsecured wireless network gives hackers the perfect gateway to an business or organization's internal network.

Besides letting the hacker steal or destroy information on the network and giving him or her free Internet access, the wireless network might also be helping him or her to carry out cyber-attacks. Indeed, since there is no way to identify a hacker on a network, the business which installed the wireless network might be held responsible for the attack.

Radio jamming

Radio waves are very sensitive to interference. This is why a signal can easily be jammed by a radio transmission with a frequency close to that used by the wireless network. Even a simple microwave oven can make a wireless network completely inoperable if it is being used within an access point's range.

Denial of service

The 802.11 standard's network access method is based on the CSMA/CA protocol, which involves waiting until the network is free before transmitting data frames. Once the connection is established, a station must be linked to an access point in order to send it packets. Because the methods for accessing a network and associating with it are known, it is easy for a hacker to sent packets requesting for a station to become disassociated from the network. Sending out information intended to disrupt a wireless network is called a denial of service attack.

What's more, connecting to wireless networks uses up power. Even if the wireless peripheral devices have power-saving features, a hacker may be able to send enough encrypted data to a machine for it to overload. Many portable peripherals (like PDAs and laptop computers) have limited battery life. Therefore, a hacker may want to cause excessive power consumption that renders the device temporarily unusable, which is called a battery exhaustion attack.