http://www.networkworld.com/news/2008/051908-lockheed-martin-wireless-security-lab.html By Brad Reed Network World 05/19/2008 Jason Crawford has learned that if you want to break into secure Wi-Fi networks, you don't need to buy equipment from the black market. Instead, you can buy it from Toys "R" Us, he says. Crawford, who works as a principal investigator for R&D projects at Lockheed Martin's newly opened wireless-security laboratory, says he has figured out how to crack the seemingly secure wireless networks that consumers and corporations use - with nothing more than a cluster of eight PlayStation 3s. Crawford won't go into the details of just how he used the PS 3s to hack Wi-Fi networks, but he says that you don't have to be a top-level hacker to figure it out. "The PS 3s use a processor called the Cell Broadband Engine, and it's so insanely fast that it didn't take long for us to crack [Wi-Fi Protected Access] networks once we started writing some software for it," Crawford says. "I set up a cluster of about eight PS 3s. . . . Getting them together wasn't all that expensive," he says. Crawford's PlayStation hack is just one of many projects that Lockheed Martin researchers are working on to head off the dangers of technological surprise. In other words, the brains at the company are in a race to discover the loopholes and faults in wireless security before terrorists and cyber criminals do. Needless to say, this requires a tremendous amount of outside-the-box thinking, says John Morrison, chief of the company's Wireless Cyber Security Lab. "The 9/11 Commission said that one of the biggest reasons that the government failed to prevent the 9/11 attack was a failure of imagination," Morrison says. "We're trying to ensure that something similar doesn't happen in the realm of wireless communications," he says. Defining the problem So, just what are the biggest emerging threats in wireless security? Perri Nijeb, CTO for Lockheed Martin Information Systems, says her biggest concern has been the gradual migration of the office to the home. In other words, as workers increasingly connect to company data through corporate VPNs from their homes, companies have less and less control over where their employees can gain access to sensitive information. "The lines between our 'work' environment and our 'home' environment are becoming increasingly blurred as wireless routers, phones and aircards rapidly extend the traditional office enterprise further and further to the 'edge,'" Nijeb says. "The network now moves with the individual to their living room, hotel room, car and coffee shop. . . . This is both exciting and challenging for us." To that end, Lockheed Martin has been running tests on many types of consumer technology that have been migrating to enterprise networks, including Wi-Fi, WiMAX, Bluetooth, and cell phones. The abundance of Wi-Fi hot spots is one of the lab's most pressing concerns because Wi-Fi increasingly has become ubiquitous in urban areas and oftentimes users can connect to unsecured networks and not even realize that they're at risk. The major issues with Wi-Fi include "connection hijacking, deliberate or inadvertent denial of service, the creation of security holes in corporate or government networks, and difficulty in attributing network actions to specific IP addresses, due to the ease of hijacking," Nijeb says. Morrison says all these issues, particularly connection hijacking, have the potential to cause massive headaches for corporate IT departments if they don't educate their users about security issues. "When I was working in New York City as the IT director for a financial services company, we had a problem with drug dealers using others' unprotected Wi-Fi networks to do their deals," Morrison says. "And then when the authorities would trace their IP address, it would go back to the home of one of our unsuspecting employees." Another concern for the lab is the spread of Bluetooth technology. Although Bluetooth generally has a very short transmission range, Crawford notes there are technologies that can pick up Bluetooth signals from farther away than where they're supposed to be accessible. This has particularly frightening implications, because sophisticated hackers theoretically could use Bluetooth to track people's movements, he says. "Bluetooth is already installed in most semi-expensive vehicles right now," Crawford says. "If you want to track somebody's movements, you just need to set up several sleeper PDAs in the area where they're traveling, and if you have a high-enough antenna, you can pick up a lot of people's movements." In addition, because more and more handsets are being equipped with Bluetooth, Wi-Fi and WiMAX capabilities, Crawford says these security vulnerabilities are expected only to multiply in the coming years. "A lot of these features can be difficult to turn off, and most people don't even know about them," Crawford says. "What's more, a lot of these devices will try automatically to get on hot spots." Where the boardroom meets the battlefield The problems being addressed by Lockheed Martin's wireless security lab aren't limited to the enterprise, of course. Most of them also are becoming increasingly crucial to securing the military's battlefield communications networks. Currently, the company is helping the Army's Warfighter Information Network-Tactical program build a new mobile network that can span an entire theatre of operations and will equip all Humvees, tanks and other vehicles with IP radios that will link to an ad hoc network capable of delivering 100Mbps of data to soldiers on the move. "The military has a vision of having an IP address for every soldier and weapon," Morrison says. "They're not going to be trailing wires around on the battlefield, but that can lead to some vulnerabilities." Just as corporate users are vulnerable when they connect to enterprise networks using home Wi-Fi connections, soldiers are at their most vulnerable when they use wireless communications in crowded urban environments, Morrison says. He acknowledges that urban battle settings are difficult to recreate in a laboratory environment, but he says that the lab has tried using fixed and mobile communications systems to simulate how soldiers will travel in the theatre of operations. The main challenge lies in creating a collection of wireless nodes that can pass on informal to low-power or low-bandwidth devices effectively while still being able to be set up and taken down as quickly as the mission dictates, Nijeb says. The stakes on the battlefield are certainly higher than the stakes in most home offices, but corporate networks can learn a great deal from how the military effectively deploys wireless networks with connections that are both fluid and secure, she says. "This concept again points to the expansion of the network beyond traditional boundaries," Nijeb says. "Cyber and wireless security has been of high interest due to its almost limitless boundaries and the fact that it touches and impacts everyone, not just the military and the government. This newly emerging wireless world will only succeed if all of the stakeholders feel they can trust in the security of the network." All contents copyright 1995-2008 Network World, Inc. _______________________________________________ Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 40 hands-on training courses and 80 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Tue May 20 2008 - 01:48:14 PDT