http://www.asahi.com/english/national/K2002122600287.html The Asahi Shimbun 12/26/2002 Since anyone with the software could pry, cable is back in style. The Meteorological Agency and the Tokyo metropolitan government stopped using wireless local area networks (LAN) last week after learning data was wide open to anyone with the will and the right software. Wireless LANs are increasingly popular because they can be introduced or expanded quite simply without cumbersome cables. But when Kazuo Tanabe, a computer consultant in Sabae, Fukui Prefecture, studied LAN emission risks around government office LANs in his own prefecture, then in Tokyo, he found that data transferred on wireless LANs could be intercepted and read by anyone using software freely available on the Web. Tanabe said he first assessed the risk of LAN signals radiating from the municipal buildings of Sabae and Fukui, then came to Tokyo last week to measure the risk around some central government office buildings, especially in the Kasumigaseki district. There he found that data stored in the Meteorological Agency's personal computers-even personnel records and minutes of meetings-was especially vulnerable. The risk was highest at the agency's department dealing with volcanic activity, which lacked proper firewalls such as data encryption and password-protected access. When The Asahi Shimbun inquired about data vulnerability, the agency found two of seven wireless LANs could be monitored from outside. A LAN management official there said the network was shut down immediately, departments were informed and all computers on wireless LANs were switched to cable. At the Tokyo metropolitan government offices, several bureaus, including construction and environmental protection, did not encrypt the data moving over their LANs. At the office that administers public hospitals, most of the 80 PCs used by supervisors could be read from outside. Data exposed to prying eyes included payment to doctors and patient records. An official said network personnel were not well informed about security, but said all the wireless LANs were swapped for cable over the weekend. During his experimental foray at the Ministry of Economy, Trade and Industry, Tanabe said he found pirate versions of movies, including ``Harry Potter,'' TV dramas and video clips of entertainment personalities, which an official later said were for personal use. Encryption had not been used in some LANs at the Foreign Ministry or the Ministry of Agriculture, Forestry and Fisheries until September, when data vulnerability was pointed out. ``Use of wireless LANs is inappropriate for government agencies that handle personal information,'' Tanabe said. ``One hole in the network lets hackers in. Data can easily be stolen or altered. Or the opening can be used to spread viruses or other misdeeds.'' - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Dec 27 2002 - 09:54:12 PST