IBM Research Thursday said it has successfully created what it believes is
the first automated auditing tool that can monitor 802.11 wireless networks,
which would significantly improve security for users of Wi-Fi who want to
combat “drive-by hacking.” And in keeping with IBM Corp.’s endorsement of
open-source operating systems, it’s based on Linux.
As a prototype, the Wireless Security Auditor is hardly ready for the
market. But if and when IBM does decide to sell it to the wireless
networking buffs who work in a very nascent market, Big Blue could hook
network administrators itching to find vulnerable access points for their
companies. By monitoring and analyzing them in real time, the net admins could
make sure security threats are removed.
As it stands now, the security auditor runs on a small, unspecified wireless
personal digital assistant. Audit information is presented on a color coded
user interface, with configured access points shown in green, and vulnerable
ones shown in red. Info is also available for all access points, including
station and network name, address, location and security state.
Existing security for 802.11 wireless consists of two subsystems: a data
encryption standard known as Wired Equivalent Privacy (WEP) and an
authentication algorithm called Shared Key Authentication. WEP and Shared
Key are optional, and wireless access points are typically shipped with both
turned off.
Because employees often use a variety of mobile devices without thinking of
potential security issues, the security auditor was designed to help
security consultants find what access points exist to prevent intrusion. As
an example of drive-by hacking, a perpetrator rolls by an office with a
computing device such as a laptop, hacks into a network from their car, and
begins poking around. Numerous security firms, including Atlanta’s Internet
Security Systems Inc., have claimed this is very possible, and very
dangerous for corporate security as employees are highly unsuspecting.
“Today’s wireless networks are facing big security challenges,” says Dave
Safford, manager of Network Security at IBM Research. “As 802.11 wireless
networks become more common, companies’ intranets are increasingly being
exposed to drive-by hacking. Our Wireless Security Auditor will be an
essential tool for security experts to maintain wireless network security.”
Estimates of figures for wireless networking security do not exist yet
because the market is so young. But taken separately, wireless data transfer
and security are lucrative markets enough. When finally conjoined, they may
truly prove profitable for players in both fields.
Gartner Inc. has studied both. In June the research firm determined that
there will be 137 million wireless data users in the U.S. by 2005. Most
of them will be corporate users.
“Increasing mobilization capabilities of work forces, together with
additional competitive pressures will drive the adoption of wireless data to
enable corporate applications such as e-mail and messaging as well as
specific vertical applications such as field service, and sales/inventory
programs,” said Tole Hart, senior industry analyst for Gartner Dataquest’s
worldwide Telecommunications and Networking group.
As for security, Gartner stated that “only 0.4 percent of a company’s
revenue is dedicated to information security in the U.S. By 2011, however,
that figure will increase by 10 times to 4 percent of revenue for U.S.
companies.”
“While e-mail viruses and international espionage steal the media limelight,
the palette of security issues spans every business process, application and
desktop,” said Roberta Witty, Gartner research director.