IBM Ripples Security Waves with 802.11 Wireless Auditing Tool
Page 1 of 1
IBM Research Thursday said it has successfully created what it believes is the first automated auditing tool that can monitor 802.11 wireless networks, which would significantly improve security for users of Wi-Fi who want to combat "drive-by hacking." And in keeping with IBM Corp.'s endorsement of open-source operating systems, it's based on Linux.
As a prototype, the Wireless Security Auditor is hardly ready for the market. But if and when IBM does decide to sell it to the wireless networking buffs who work in a very nascent market, Big Blue could hook network administrators itching to find vulnerable access points for their companies. By monitoring and analyzing them in real time, the net admins could make sure security threats are removed.
As it stands now, the security auditor runs on a small, unspecified wireless personal digital assistant. Audit information is presented on a color coded user interface, with configured access points shown in green, and vulnerable ones shown in red. Info is also available for all access points, including station and network name, address, location and security state.
Existing security for 802.11 wireless consists of two subsystems: a data encryption standard known as Wired Equivalent Privacy (WEP) and an authentication algorithm called Shared Key Authentication. WEP and Shared Key are optional, and wireless access points are typically shipped with both turned off.
Because employees often use a variety of mobile devices without thinking of potential security issues, the security auditor was designed to help security consultants find what access points exist to prevent intrusion. As an example of drive-by hacking, a perpetrator rolls by an office with a computing device such as a laptop, hacks into a network from their car, and begins poking around. Numerous security firms, including Atlanta's Internet Security Systems Inc., have claimed this is very possible, and very dangerous for corporate security as employees are highly unsuspecting.
"Today's wireless networks are facing big security challenges," says Dave Safford, manager of Network Security at IBM Research. "As 802.11 wireless networks become more common, companies' intranets are increasingly being exposed to drive-by hacking. Our Wireless Security Auditor will be an essential tool for security experts to maintain wireless network security."
Estimates of figures for wireless networking security do not exist yet because the market is so young. But taken separately, wireless data transfer and security are lucrative markets enough. When finally conjoined, they may truly prove profitable for players in both fields.
Gartner Inc. has studied both. In June the research firm determined that there will be 137 million wireless data users in the U.S. by 2005. Most of them will be corporate users.
"Increasing mobilization capabilities of work forces, together with additional competitive pressures will drive the adoption of wireless data to enable corporate applications such as e-mail and messaging as well as specific vertical applications such as field service, and sales/inventory programs," said Tole Hart, senior industry analyst for Gartner Dataquest's worldwide Telecommunications and Networking group.
As for security, Gartner stated that "only 0.4 percent of a company's revenue is dedicated to information security in the U.S. By 2011, however, that figure will increase by 10 times to 4 percent of revenue for U.S. companies."
"While e-mail viruses and international espionage steal the media limelight, the palette of security issues spans every business process, application and desktop," said Roberta Witty, Gartner research director.