Wireless hack attacks set to rocket

Before the end of next year an estimated 30 per cent of enterprises will suffer security breaches through insecure wireless networks, according to recent research from Gartner.

The analyst states that it is advisable to draw up a wireless security plan soon, even though its research suggests that only 50 per cent of enterprises have made plans to install a wireless network in the near future.

Gartner believes that 20 per cent of companies have testing or 'rogue' wireless networks already hooked up to their infrastructure, and that most will pose a security risk offering doors straight into the heart of the corporate local area network (Lan).

As revealed by vnunet.com earlier this week, Gartner also warns that the Wireless Encryption Protocol encryption standard used on 802.11 wireless networks is too easy to break and, that by default, security levels on wireless networks are very low.

The analyst recommends that IT managers go about hardening the wireless networks manually, as default installation will leave gaping holes.

Another security consideration is to run Ipsec-based virtual private networks on all wireless connections to beef up security between the user and the network. And, obvious as it may seem, companies should map their networks thoroughly to detect all wireless installations.

Apparently some wireless Lans are set up without the security advisor's knowledge, thus opening huge holes in the network.

The bottom line from Gartner is that, although wireless Lans entice users with unrivalled convenience, they also expose enterprises to an expanding set of access threats.

"Enterprises that can't control the appearance of access points are doomed to Lan exposure. Enterprises that do not fortify their mobile wireless Lan users are begging for client-side hack attacks. We advise clients to enact a wireless Lan security plan immediately, even if the official short-term position is to not use them at all," the analyst said.