Network security managers beware: Hackers have turned their attention to 802.11 wireless LANs and are developing new attacks that put information assets at risk.
However, Atlanta-based AirDefense says wireless LANs can be secured with a layered approach to security that goes beyond standard encryption and authentication.
At this past weekend’s DefCon X hacker conference in Las Vegas, AirDefense said it sampled the traffic from the convention’s wireless LAN over a 2-hour period and identified more than 10 new types of attacks on 802.11 wireless LANs.
“As wireless LANs spread throughout businesses, hackers are honing their skills to compromise those networks,” Fred Tanzella, chief security officer of AirDefense, said in a statement. “Despite the continuing development of new threats, wireless LANs can be secured as long as security managers implement a comprehensive set of security solutions.”
During the two hours in which it monitored the wireless LAN at the hacker convention, the AirDefense WLAN security appliance generated over 13,000 alarms from a minute-by-minute account of all wireless attacks and threats.
AirDefense identified eight sanctioned access points, 35 rogue access points and more than 800 different station addresses. AirDefense’s 802.11 security experts estimate that 200 to 300 of the station addresses were fakes because only about 350 people were in the WLAN network room at a single time.
AirDefense also discovered 115 peer-to-peer ad hoc networks and identified 123 stations that launched a total of 807 attacks during the two hours. Among the 807 attacks, 490 were wireless probes from tools such as Netstumbler; 190 were identity thefts; 100 were varying forms Denial-of-Service attacks ;and 27 attacks came from so-called “out-of-specification management frames”.
Of the more than 10 new types of attacks identified by AirDefense, the company’s 802.11 security experts determined that many were new forms of Denial-of-Service attacks. But an apparent danger came from the growing number of ways in which hackers have learned to abuse 802.11 protocols.