SSI News

Don't miss the latest homeland security news from your source for information that matters.

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Bloggers
    Bloggers Search for your favorite blogger from this site.
  • Team Blogs
    Team Blogs Find your favorite team blogs here.
  • Login
    Login Login form

2-9-2012 Roving Sensors to Catch Wireless Network Infiltrators

Posted by on in Daily News
  • Font size: Larger Smaller
  • Hits: 1557
  • 0 Comments
  • Subscribe to this entry
  • Print

The recent widespread growth of wireless networks to allow for computer mobility has created new threats to the security of critical infrastructure. While mobility improves productivity, each wireless-enabled computer with network access is another entry point into the network, meaning that these computers pose a security risk. Moreover, the wireless network itself is an avenue for breaking into a system. Infiltration via wireless networks can be as simple as driving a car near a facility and opening up a laptop.

The recent widespread growth of wireless networks to allow for computer mobility has created new threats to the security of critical infrastructure. While mobility improves productivity, each wireless-enabled computer with network access is another entry point into the network, meaning that these computers pose a security risk. Moreover, the wireless network itself is an avenue for breaking into a system. Infiltration via wireless networks can be as simple as driving a car near a facility and opening up a laptop.

To help secure wireless computer networks for the protection of critical infrastructure, the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has funded the development of the WildCAT (Cyber Asset Tracking). The initiative is based upon a Defense Advanced Research Projects Agency (DARPA) project that maps the tracks of friendly and unfriendly wireless network devices. WildCAT adapts this idea to help civilian security in addressing two threats. The first threat comes from unsecured wireless connections.

While, in most cases, the critical infrastructure requires that all authorized users keep their laptops secure and only connect to authorized and secured wireless networks, noncompliance is a common risk. Users can make their individual computers vulnerable to hijacking by connecting to unsecured wireless networks, from which they can unknowingly upload viruses or spyware, and expose the contents of their computer to the eavesdroppers.

The second threat comes from “rogue” wireless access points or devices that pop up in the vicinity of a critical infrastructure. These can be used as a jumping off point into a facility’s network.

“Wireless attacks occur when an intruder comes within the physical range of a target. Currently cyberdefense teams have no ability to physically respond in real time to apprehend the intruder,” explained Christine Lee, DHS S&T program manager for First Responder Technologies. “The technology links a site’s cyber security capabilities with its physical security forces through real-time monitoring, analysis, and reporting to increase the chance of detecting wireless attacks within areas under protection.

”The threat of wireless network infiltration is not theoretical. WildCAT, an initiative that started at the Long Island Forum for Technology, was inspired in large part by a cyber-theft in 2005. A group of criminals armed with a laptop and a telescopic antenna searched for unsecured wireless networks near retail shops, and found that a Marshall’s discount clothing store near St. Paul, Minnesota used a wireless network protected only by a poor encryption methodology. The culprits slipped past the weak security and into the wireless network, reached the parent company’s databases, and stole 45.7 million credit and debit card numbers. “Should a critical infrastructure’s network be infiltrated by a wireless attack, the results could be disastrous.

WildCAT directly addresses this threat,” Lee said. In development by the Secure Decisions Division of Applied Visions Inc., the WildCAT system is designed to discover unsecured wireless access points and capture the rogue access points that may be threats, and it does so by combining physical security forces with cyber security. Dr. D’Amico, director of Secure Decisions, said, “Physical and cyber security have to work together. By combining both, you really get a big payoff. A convergence of physical and cyber security can help identify and mitigate cyber threats to critical infrastructure.

”Here’s the way it would work: A critical infrastructure’s security patrol vehicles, equipped with sensors, will search for wireless computer signals. Patrol vehicles will automatically relay key identity and location information on the found wireless device to an analysis center. The analysis center then runs the data against preset conditions that would indicate an authorized access point which is not in compliance with policy or an access point of a potential infiltrator. For example, should a facility have only stationary wireless access points, moving wireless computer signals roving around the fence perimeter would trigger an alert.

Patrol vehicles are alerted with a map indicating the location of the signal source. Christina Verderosa, an associate project manager with Secure Decisions, explained, “When physical security personnel get to the indicated site, they will look for something unusual, like a person sitting in a car with an open laptop.” Also, because WildCAT collects and relays information in real time, if the signal source moves, security forces will know and can shift their response accordingly.

Secure Decisions completed a prototype of WildCAT in June 2011, and ran its first verification test in July. For that test, a cyber security company attacked a simulated network with mobile sources, and challenged WildCAT to find them. Demonstrations of WildCAT will be scheduled in the near future, after which the project team will gather information from users and attendees to determine how to proceed with the project. Should the project receive funding for further development, WildCAT will likely go commercial in about a year.

0

Comments

  • No comments made yet. Be the first to submit a comment

Leave your comment

Guest Friday, 24 November 2017