Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
Editor's Blog and Industry Comments

Why do wireless networks offer a low barrier to hackers?

17 August, 2011
Android network sniffing app brings corporate Wi-Fi network security into question
Phil Lieberman, the CEO of Lieberman Software commented recently on a new Android application that offers hackers easy access to wireless network resources through packet sniffing. He goes on to say that the best option to avoid this is to forego wireless for more traditional wired networks.



To understand this a bit more clearly, it is useful to know a bit about what packet sniffing is and how easy is it to perform.



The difference between a wired networked and a Wi-Fi network is that a wired system sends packets of information down a wire whereas Wi-Fi broadcasts the packets through the atmosphere. To intercept a packet on a wire, you need to be connected to it but to intercept a wi-fi packet, being in the vicinity of a user is enough. Internet cafes, wi-fi hotspots, corporate receptions, the airport are just some examples of places where network traffic is flying densely around in the atmosphere, available to be picked up by anyone with a laptop or a smartphone with the right application installed.



But surely these must be geeky hacker apps that require technical know-how, mustn't they? Well the answer is no, I could (but I won't) give you a link to a browser app that would give free and instant packet sniffing capabilities that my mother could use. It really is that straightforward.



So what does a hacker get when they gain access to a user's account running over an unsecured wireless connection? They get everything that the user has access to is the simple answer but it isn't always that easy and that's where the security tools and user education comes in.



The predominant tool is encryption. If the connection is encrypted then the broadcast packets are of no use to anyone. If you're using an encrypted connection then Wi-Fi is mostly harmless.



Mostly harmless? This is where Phil's point comes in. The Android app isn't just a packet sniffer, there are other things that it can do too such as password cracking and performing man-in-the-middle functions and as such is far more threatening.



Despite this, I don't see this new Android app as tolling the knell of parting day for wireless. Such innovations in tools for hackers are an alarm bell for the security that enables it to keep pace and continue honing the cutting edge. They also drive corporate network managers to consider all aspects of security and close the door firmly on intruders.



Phil sums it up in his article by saying "All it takes is one wireless configuration error, and Android-equipped hackers can gain access to the corporate network - and then all hell can break loose". This is the challenge.
Bookmark and Share