Read Bennett Gold LLP's privacy policies and practices regarding this web site.
LINK TO: Bennett Gold LLP's Privacy Policies and Practices. E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Accountants, home page.
LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by Bennett Gold LLP, Chartered Accountants


SPECIAL NOTE TO ALL VISITORS:
Effective December 31, 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering articles from the period 1999 to 2012.


WIRELESS RISKS ON THE RISE, SAY EXPERTS

Source: Security Wire Digest

Posted on December 13, 2001

      Wireless network deployments are on the rise, but, the knowledge and skills needed to secure them aren't keeping pace with ever-increasing threats, say experts.

      "More and more companies will begin utilizing wireless and the risks are going to go through the roof," says James Foster, a senior consultant at MSSP Guardent. He points out that prior to 1995 the targets were primarily Unix- and Solaris-related, but now are Microsoft products because of widespread deployment.

      Foster anticipates that wireless exploits--including an assessment tool targeting access point authentication vulnerabilities--will "go up tremendously" in the next six to 12 months as wireless networks become more widely used. Those will supplement the existing cracker's arsenal of a half-dozen or so tools that sniff or actively penetrate wireless networks, Foster says.

      Based on the responses of more than 1,200 security professionals, a new wireless security survey conducted by Information Security magazine found that 79 percent of those polled say they're at least somewhat knowledgeable about securing wireless technology. Experts disagree with this assessment.

      "It strikes me as odd that three of four respondents considered themselves at least somewhat knowledgeable given that most wireless deployments are insecure," says Brad Johnson, VP of SystemExperts.

      Johnson says many users want wireless networking capabilities and are perfectly capable of setting one up without the help of the IT department. "You need to survey your environment to see what is out there," says Johnson. "Like the 2001 Industry Survey shows, time and time and time again we find that most intrusions and security breaches happen from the inside."

      While wireless networks are still in their infancy, 94 percent of respondents were concerned about the security of corporate wireless networks.

      "The strange thing is, we've seen so many rogue installations that everyone should be worried because you have no idea if Joe Engineer is going to install a wireless device on your network," says Dick Mackey, principal of SystemExperts. "You'd have no idea unless you went searching."

      While experts agree that best practices can go a long way toward securing networked data, some say existing wireless security measures are inadequate and pale in comparison to wired security.

      "I don't care if you use authentication and encryption," says Foster. "With wireless-accessible data, it's only a matter of time until brute-force attacks work. That's the huge difference in risk between wireless and wired networks."

      However, experts predict that an increase in wireless LAN exploits and war driving won't receive widespread publicity. "I believe wireless networks will be widely exploited, but people aren't going to know it's happening because most don't deploy intrusion detection under internal networks," says Phil Cox, a consultant at SystemExperts. "If the system gets compromised, they can't tell if it was from outside on the wireless LAN or a rogue employee on a hard terminal. We're going to see some high-profile cases, but not a lot because most won't know it's happening."




CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.


ALERT
ARCHIVES
Final Entries
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999


LINK TO: Bennett Gold Chartered Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Against
Privacy Breaches.

Get WebTrust
Working For
Your Site.