Just when wireless hot-spot surfers thought it was safe to get back into the water, hackers have come up with new methods for mimicking corporate Web sites and intranets in the 802.11 environment.
â€¢ Report: Businesses Failing To Take Basic Wi-Fi Security Precautions
â€¢ ‘Evil Twin’ Could Threaten Wi-Fi Users
â€¢ Researchers Study Wi-Fi Weaknesses
â€¢ Mobile Security: One Size Does Not Fit All
â€¢ New Threats to Wireless LAN Security
More Than Mail
How to master the popular information manager. Plus, great Outlook alternatives, and apps to expand the program.
Wi-Fiâ€™s “evil twin” is basically a hacker who infiltrates a company by picking up its SSID (Service Set Identification) and learning what type of encryption is being used while sitting in a convenient spot outside the building, said IBM (NYSE: IBM - news) global solutions manager for managed security services Doug Conorich.
“Then the hacker will use a WLAN tool like Airsnort or other available freeware to suck off information about who is connecting to whom and what is happening on the Wi-Fi network,” Conorich told NewsFactor.
The intruder will attempt to gain entry by posing as one of the access points of the company, masquerading as a corporate network or “the man in the middle,” by using an antenna that is stronger than the one in the internal access point, Conorich explained. “Wi-Fi is going to connect to the strongest signal that is out there. And if the hacker has the stronger signal, then corporate people will latch onto it – and the hacker will be able to take their credentials by emulating the corporate Web site.”
A New National Pastime?
Although wireless hacking is rather new, it already is becoming something of a national pastime. There are clubs around the U.S. that are devoted to so-called “war chalking.” “When club members find an access point, they will chalk it on the sidewalk, using a code that says whether the access point is open or closed, and gives the SSID and the channels being used,” notes Conorich.
“People go out on a Friday or Saturday night, walk around and find as many access points as they can as a sort of contest,” Conorich said. “In New York City, there is a Web site called NYCwireless that logs all of the Wi-Fi access points seen around the New York City area and lists their addresses, operating channels, and so on.”
Although war chalking is not a threat to the enterprise in and of itself, it can become a prelude to “war driving” – a game that involves driving around looking for vulnerable access points that may become targets for hack attacks at a later date, Conorich added.
Hiding the SSID
“Normally, what companies do to protect themselves is to hide their SSIDs by turning off their broadcast,” said Conorich. "This forces hackers to know the SSID.â€