[ISN] Feds label wi-fi a terrorist tool

From: InfoSec News (isnat_private)
Date: Mon Dec 09 2002 - 00:53:14 PST

  • Next message: InfoSec News: "[ISN] Israel, FBI find hacker suspected of stealing credit card numbers from U.S. company's computers"

    Forwarded from: Andrew Simmons <andrewat_private>
    By Paul Boutin
    Dec. 06, 2002 
    SANTA CLARA, California -- Attention, Wi-Fi users: The Department of
    Homeland Security sees wireless networking technology as a terrorist
    That was the message from experts who participated in working groups
    under federal cybersecurity czar Richard Clarke and shared what they
    learned at this week's 802.11 Planet conference. Wi-Fi manufacturers,
    as well as home and office users, face a clear choice, they said:
    Secure yourselves or be regulated.
    "Homeland Security is putting people in place who will be in a
    position to say, 'If you're going to get broken into ... we're going
    to start regulating,'" said Cable and Wireless security architect
    Shannon Myers in a panel dubbed "Homeland Security vs. Wi-Fi."
    Myers was one of several consultants for President Bush's Critical
    Infrastructure Protection Board, which is finalizing its National
    Strategy to Secure Cyberspace.
    Since being named special advisor to the president for cyberspace
    security last year, Clarke has stressed wireless access points as a
    national security threat.
    "Companies throughout the country have networks that are wide open
    because of wireless LANs.... Millions of houses are getting connected,
    which means that more and more are getting vulnerable," Clarke told
    attendees at the Black Hat Security Briefings in Las Vegas earlier
    this year.
    "We know that (an attack) could bring down the network of this country
    very quickly. Once you're on the network, it doesn't matter where you
    got in," said Daniel Devasirvatham, who headed the Homeland Security
    task force for the Wireless Communications Association International
    trade association.
    Devasirvatham said the telecom industry was represented at security
    planning talks with federal agencies, but the wireless sector itself
    was not.
    "Do you consider yourself part of the telecom industry?" he asked the
    802.11 Planet audience. "If you're a nethead instead of a Bellhead,
    you probably don't. I think there's a major disconnect here."
    But Myers acknowledged that regulators were frustrated in their search
    for a quick fix to plug Wi-Fi holes.
    "There's just not a lot of technology out there right now that can be
    used to secure the technology in place," she said. "They're not at a
    point where they can say, 'This will solve the problem,' and mandate
    Rather, the most recent draft of the National Strategy document lists
    stopgap steps that home and office Wi-Fi users should take to make
    their networks harder to crack. The National Institute of Standards
    and Technology's Wireless Network Security document contains more
    detailed guidelines.
    Speakers called on corporate Wi-Fi customers to participate in
    creating security enhancements and best practices, lest regulators do
    it for them. "Expert advice needs to be obtained from more than just
    the industry that makes the equipment," Devasirvatham said.
    Conference attendees were split on the potential of wireless nodes as
    terrorist access points.
    Boingo CEO Sky Dayton suggested turnkey security standards under
    development would improve the technology's reputation. "It's possible
    to secure a wireless network today," he said. "But it needs to get
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Mon Dec 09 2002 - 04:15:40 PST