LAS VEGAS -- Wednesday's sobering thought here at Comdex Fall 2001 was this: all it takes to wreak havoc in most...
wireless local area networks (LANs) is a well-placed Pringles can.
Security expert Vincent Gullotto, a senior director of Network Associates' McAfee AVERT security team, told the tale of a hacker whom authorities recently apprehended while attempting to plant a virus inside a company's wireless LAN.
First, the hacker built a receiver to pinpoint the LAN's transmission frequency, and squeezed it inside a nondescript Pringles potato chip can. Then, he found a location that was outside the target company's building, but still within its LAN perimeter, allowing him to use the network as if he were any other employee.
"From there, the hacker just drives up to your building, points (the Pringles can) at your wireless LAN, and hacks in using your bandwidth, all while he has lunch," Gullotto said.
That example was just one of several unsettling ways Gullotto illustrated how innovative and sinister virus writers and hackers can be, and how thinking like the attackers is the best way to thwart them.
He said hackers seek out the weakest link in a network, which is typically the remote user who works from home on a laptop and only visits the office on occasion. When working remotely, end users often forget or disregard the need to update virus definitions regularly, and unknowingly contract viruses.
"When most people come into the office, they connect to the network to get their e-mail and then they log off. They don't get the latest (virus) scanner updates," said Gullotto, but by then it is often too late. The hidden virus has already spread across the LAN and potentially damaged software and data.
Gullotto said preventing such problems is not difficult, but requires diligence. First, end users need to be constantly reminded to update their security software so that the latest viruses are detected.
Attendee Howard Mohler, a computer systems specialist with the U.S. Navy, suggested network administrators should send out regular security-related e-mails and PowerPoint presentations to inform users about relevant security topics.
Also, Mohler said administrators should also configure client networks to prompt end users to update their security software if they have not updated within a certain time frame.
High-speed home Internet access is another modern innovation that puts end users and their companies at risk. For instance, if an employee buys a computer that includes a high-speed Internet access package, typically the employee will forget about security in favor of getting the computer online as fast as possible.
The door is then left open for hackers to plant viruses, which can easily spread to a company's network if the computer is ever connects to a company's LAN.
"(Internet service providers) make it relatively easy to get on the Internet. Users have the world at their fingertips, but they haven't done anything to get the security they need," Gullotto said.
Finally, to stop Pringles attacks, Gullotto said administrators should ensure wireless LAN perimeters extend no farther than a company's physical walls. Otherwise, it's like opening a can of worms.