RealTime IT News

Internet Security Systems Moves to Parry Drive-by Hackers

Atlanta-based Internet Security Systems Inc. (ISS) has long had this concern about drive by hackers. That's right -- drive-by hackers.

ISS claims perpetrators can equip their laptops with wireless technology, sit inconspicuously on a park bench, or in a car, and casually monitor traffic, access applications, and hijack data flowing over someone else's wireless network, unbeknownst to the victim. To combat this threat, which sounds like it could be a plot line from an upcoming James Bond film, ISS Wednesday drew the curtain on wireless local area network (WLAN) security software an consulting practices.

Why create safety for the WLAN? ISS said it believes enterprises are deploying WLANs with increasing regularity because they are cost-effective and help workers grab knowledge on the go from laptops or personal digital assistants (PDAs). And very little exists in the way of security for wireless networks as compared to their wired counterparts, LANs?

Gartner Group, it would seem, concurs that wireless networks are in the midst of proliferation. The research firm said 50 percent of all enterprises in the U.S. will have deployed a wireless LAN by 2002, an increase from 21 percent at the end of last year (2000). Accordingly, ISS said the fact that wireless LANs can easily be accessed by outsiders -- friendly or not -- means they need strong protection.

And just as perpetrators like hackers and crackers have done to wired networks, they can assault WLANs through the same methods: unauthorized access points; data interception; denial-of-service (DoS) attacks; peer-to-peer sabotage; and wireless laptops to attacks when they roam to public access points, such as airports and hotels.

What is more frightening, ISS claims, is that non-technical employees, while often victims of attacks, are often unaware of these threats. This ignorance can make the comfort of the firewall a false security blanket.

"Most companies have no idea that their networks are wide open to wireless security risks," said Christopher Klaus, founder and chief technology officer for ISS. "Employees today are adding their own wireless access points to the backbone of their company's network without the knowledge of their IT and security staffs. With a lack of awareness by the company that an access point has been added and a lack of proper security configuration, these rogue access points can become an intruder's dream backdoor into a company's network despite the front door firewall."

So, ISS has devised a host of software packages to prevent intruders via detection. It has also implemented consulting and managed security to accompany these products:

  • anX-Press Update for its Internet Scanner software -- enables customers to scan and identify rogue wireless access points on their networks. The X-Force team, ISS' security research arm, is developing additional security risk definitions for new wireless LAN (WLAN) risks and these will be available as X-Press Updates in the near future
  • Security Architecture Consulting -- Internet Security Systems' consulting solutions group has integrated its security knowledge and methodology into wireless-specific offerings, including evaluations, penetration testing, design and security policy development
  • SecureU Education Services -- Scheduled to debut during Networld + Interop in Las Vegas on May 7, ISS has added a wireless security seminar to its SecureU education programs
  • Managed Security Services -- As WLAN protection features are added to ISS security software products, ISS' Managed Security Services will also integrate these capabilities into its remote managed security services offerings, protecting customers