Sound off: Why you need wireless protection
- 27 September, 2007 15:45
Editor's note: Computerworld editors Preston Gralla and David Ramel disagree on the security threat posed by wireless networks. In this article, Gralla presents his case that wireless networks are indeed a serious vulnerability. He also provides tips on how to secure a wireless network.
In Why worry about wireless? Ramel alleges that the threat is overhyped, that it's now trivial to secure wireless nets and that IT pros have far more serious security concerns they should be addressing, while home users have little to lose even in the remote chance someone tries to breach their networks. Both editors wrote their articles without having read the other's.
If you've got a wireless network at home or at your business and don't take special care to protect it, well, you're playing Russian roulette -- and the chamber is loaded with multiple bullets.
Even if you're protecting your network, you may not go far enough. For example, you may use easily crackable Wired Equivalent Privacy (WEP) encryption rather than the more powerful Wi-Fi Protected Access (WPA). (See "How to protect your wireless network" for details.)
If you're still not convinced, read on -- I give you five reasons to take the extra effort to protect your Wi-Fi network, whether it's a small one at home or part of a larger, enterprise network.
Reason No. 1: You may be aiding criminals
There's a new type of wireless piggybacker out there -- people looking for a convenient, unprotected Wi-Fi network to hop onto in order to do something illegal, quasi-legal or just downright nasty. They won't be breaking in to your PCs, but they'll be using your bandwidth and IP address for nefarious purposes.
US Local, state and federal law enforcement officers report a sharp increase in criminal use of unprotected Wi-Fi networks, according to The Washington Post. After doing an investigation, the newspaper noted, "an increasing number of criminals are taking advantage of the anonymity offered by the wireless signals to commit a raft of serious crimes -- from identity theft to the sexual solicitation of children."
For example, in Arlington County police tracked down the IP address of a suspected pedophile who traded child pornography online. Armed with a warrant, police knocked on the door of the person who used the IP address and found an elderly woman who they quickly realized wasn't the suspect. Someone had hopped onto her wireless network to do the deed.
Even if you don't have moral qualms about someone using your network for trading child pornography (and you certainly should), do you really want police knocking on your door to investigate if you're a pedophile?
Reason No. 2: Wireless is the weakest link in your enterprise
You may use high-powered security in your core enterprise network, but if you've got even a single, poorly protected wireless access point somewhere -- even hundreds or thousands of miles away from corporate headquarters -- you're at risk. Invaders intent on stealing customer records or private data or merely doing mischief can easily make their way from that single access point right into the heart of your network. And if you're a large company, it could cost you millions of dollars.
It happens more frequently than you might imagine. For example, two 21-year-old Michigan men found an unprotected wireless network at a Lowe's retail store. They hopped on to the network, "which gave them access to Lowe's central computer system, and to other computer systems located in Lowe's stores around the country," according to a Computerworld US article. Armed with that access, they installed malware at a number of Lowe's retail stores in order to steal the credit card information of customers making purchases.
Even worse was perhaps biggest data breach in history, when hackers stole 45.6 million credit and debit card numbers over a year and a half from The TJX Companies. Once again, poor wireless security at a single access point was at fault. Hackers sat outside a Marshalls discount clothing store in Minnesota. Using a directional antenna and cracking software, they intercepted data being sent over the store's wireless network, which was protected by notoriously easy-to-crack WEP encryption, rather than the stronger WPA.
Once they broke into the small, local network, they gained access to TJX's main corporate network and stole the 45.6 million records over the next 18 months. See How to protect your wireless network for details on how to turn on WPA encryption on your network.
Reason No. 3: The recording industry may sue you
What's the difference between the Mafia and the recording industry? The recording industry uses the courts rather than Big Guido as an enforcer.
As we all know, for the past several years, the recording and entertainment industry has used the courts to sue many people who the industry claims were illegally sharing or downloading copyrighted music and other digital files.
But what's less well known is that they're also trying to convince the courts that even if someone piggybacks onto your network and does the illegal download, you should be liable for the copyright infringement. Which means you'll have to hire a lawyer or get ready to pay through the nose.
How outrageous are some of these suits? Consider this one: A Brooklyn woman, Marie Lindor, was sued by the Recording Industry Association of America (RIAA) for illegally downloading music even though she didn't own a computer and had never used one. Her son used to live at home but took his laptop with him when he left. However, he apparently left behind a wireless router that was not protected. Someone piggybacked onto it and downloaded copyrighted files. So the RIAA went after Lindor.
So if you don't want the RIAA goons at your door and don't want to have to pay a high-priced lawyer to defend you, protect your network.
Reason No. 4: It's the bandwidth, stupid
Got enough bandwidth? Of course you don't. The most basic rule of networking is that no matter your upload and download speeds, they're not fast enough. So how would you like sharing your measly bandwidth with strangers and neighbors, especially those who want to suck up all your bandwidth by downloading multigigabyte movies?
As the parent of any teen can attest, bandwidth gets sucked up pretty quickly by file sharing. So why let the entire world use your precious bandwidth? Instead, protect your network against bandwidth vampires.
Reason No. 5: It's vital to protect your privacy
If someone gains access to your home or small-office wireless network, they may be able to gather enormous amounts of information about you. Do you store any personal or financial records on a PC attached to your network? If so, they're at risk if you don't take the right precautions. So if you worry about identity theft or simply don't want someone poking around your PCs, make sure to turn on protection.
Editor's note: Ready for the opposing view? Read Why worry about wireless?