http://www.thecouriermail.news.com.au/common/story_page/0,5936,9553516%255E8362,00.html Tess Livingstone higher education editor 14th May 2004 THREE Brisbane university students have discovered a major flaw in wireless network technology that means hackers can bring down critical infrastructure in as little as five seconds [1]. The finding, which is likely to have worldwide ramifications - was identified by the Queensland University of Technology's Information Security Research Centre. Wireless technology is booming in popularity because it allows for access to the Internet without the need for cables and it is also used in some countries - but not Australia - to control infrastructure such as railways and electricity. Associate Professor Mark Looi, the deputy head of QUT's School of Software Engineering and Data Communications, said the discovery should send a warning to government and industry worldwide. "Any organisation that continues to use the standard wireless technology (IEEE 802.11b) to operate critical infrastructure could be considered negligent," Professor Looi said. "This wireless technology should not be used for any critical applications, as the results could potentially be very serious." Professor Looi's PhD students Christian Wullems, Kevin Tham and Jason Smith discovered the flaw while investigating mechanisms for defending wireless devices against hackers. Mr Wullems will present the findings to the Institute of Electrical and Electronic Engineers Wireless Telecommunication Symposium in California today. Potential attackers only need a common wireless adaptor which retails for about $50, and instead of using it to enable their computer to access a network, they can change its coding to interfere with transmission. "With this adaptor you can basically totally disrupt any wireless network that uses this technology within a kilometre of its operation in anywhere between five and eight seconds," Professor Looi said. The Information Security Research Centre at QUT has been working with AusCERT - Australia's national computer emergency response team - to alert manufacturers about vulnerable wireless networking equipment since the discovery was made in November last year. A solution is yet to be found. In Brisbane, about 12 public access networks and many corporate intranet systems, including those in large department stores could be affected, Professor Looi said. "QUT confirmed their findings with other leading independent researchers in Australia," he said. Professor Looi said that while the process to bring down a wireless network was very simple, it did not compromise the data on the network. Tools were currently being developed so wireless networks could be tested to see how vulnerable they were to disruption. [1] http://www.auscert.org.au/render.html?it=4091 _________________________________________ ISN mailing list Sponsored by: OSVDB.org
This archive was generated by hypermail 2b30 : Fri May 14 2004 - 02:49:26 PDT