Moving from liability to viability: hospitals, health plans and physician practices can outsmart hackers with policy, a comprehensive security infrastructure and wireless monitoring.
As wireless LANs are deployed in the healthcare market, their benefits become clear: improved accuracy and efficiency for nursing documentation, dramatic decreases in preventable medication errors, greater customer satisfaction through streamlined admissions and improved information access for physicians.
What isn't as clear are the risks that wireless LANs create from a security standpoint. This leaves healthcare administration and IT staff with a difficult decision: to deploy wireless to decrease errors, improve efficiency and lower costs, or to delay wireless deployment until wireless security improves.
Let's take a closer look at the true extent of the risks created by wireless networks, what exposure they create and what should be done to address those problems.
Rogue Wireless Deployments
The most dangerous issue associated with wireless LANs is that protected health information traveling through a healthcare network is broadcast in the air by a wireless access point (AP) and can be easily intercepted from up to several miles away. Without the proper configuration of authentication and encryption on the AP, anyone--not just a sophisticated hacker--can access the network, intercept all data transmissions, and send and receive data as if plugged in at a desktop.
How would a wireless network be deployed without proper authentication and encryption? Unfortunately, there are several ways this can happen. The most common and well-known issue is the deployment of unsanctioned "rogue" wireless access points.
There are endless examples of rogue wireless deployments in healthcare:
* physicians in the medical office deploying their own wireless networks so they can access their data from a common medical library on another floor;
* a radiologist who connected two competing hospitals with wireless LANs so he could review films from both hospitals in one office;
* a group of accounting consultants who needed connectivity for several users in a conference room with only one Ethernet jack;
* a mobile cart vendor who left behind an evaluation cart and a wireless AP; or
* a vendor who plugged in an access point to intercept e-mail traffic from purchasing to determine what bids were being offered by competitors.
All of these examples expose the entire network--not just wireless traffic--to outsiders who want to intercept data or compromise the network.
In addition to rogue AP deployments, insecure wireless networks can be deployed accidentally through the improper configuration of an access point during installation, after a power failure or as a result of maintenance. Insecure networks can be created by users who configure PCs in peer-to-peer or "Adhoc" mode and connect them to the wired network, effectively creating a rogue access point.
Also, wireless devices themselves are vulnerable to an issue known as "unintentional association." This occurs when a wireless device unwittingly connects to a neighboring network, without the knowledge or intervention of the user. This is a significant issue in urban and densely populated suburban environments, where dozens of wireless networks coexist. Unintentional association also creates a risk from malicious hackers who use hacking tools to make their PCs look like a legitimate access point, to coax the unsuspecting user to connect to the hacker's PC. If the user has file-sharing enabled, the hacker can easily copy files to or from the user's PC or exploit that PC in other ways. This exploit can be done even if the PC is connected to a secure network.
Because wireless LANs provide an easy target with a low likelihood of a hacker being caught, wireless hacking has become extremely popular, with thousands of hackers using dozens of tools designed specifically for compromising wireless LANs. These tools provide hackers with complete anonymity to avoid being identified and make it easy to find vulnerable wireless LANs, assess their security configuration, exploit the security mechanisms, or attack the wireless or the wired network in order to crash it.
Recently published tools are sophisticated enough to attack more advanced wireless security protocols such as LEAP by sniffing user authentications and quickly cracking weak passwords. There are even "packaged" versions of these tools that allow a PC to boot from a preconfigured CD containing a variant of Linux that contains some of the most popular wireless exploit software to make it easy for beginners to use them.
The most innocent and well-known form of wireless hacking is called war driving. Wireless radios, scanning software and GPS receivers are used to locate and map access points across the country. There is even an annual worldwide war drive where thousands of participants find, log and upload access point locations to online databases such as www.wigle.net.
War driving helps to document the location of public hot spots and, by itself, is not malicious. However, anyone wanting to know if a hospital is vulnerable need only supply the latitude and longitude of the facility to wigle.net to find if the hospital has open access points that can be attacked.
War driving is only the beginning, however. Once a wireless network is detected, the hacker can scan the network for vulnerabilities, sniff unencrypted data out of the air, hijack user sessions, attack wireless stations, shut down the wireless network, attack the wired network, plant worms or simply steal Internet bandwidth. The press is full of examples of wireless attacks: Major retailers have had credit card transactions stolen, businesses have had spam transmitted from their network without their knowledge, and consultants and press have exposed companies with open wireless networks to generate publicity.
Most recently, a physician practice received great notoriety when its wireless LAN was compromised and the data the hacker obtained were sent to the practice's insurance company--and worse, to the patients themselves. This hacker became the first person to be convicted of a wireless cybercrime, only because he exposed his activity by contacting the individuals affected by his actions. There are hundreds of similar stories that have not made the press.
What can be done to avoid these risks? For many institutions, wireless presents a risk they are not willing to take, so they have delayed wireless deployment. However, this may actually increase the risk by inviting the deployment of highly vulnerable rogue wireless networks. The answer lies in three steps:
* creating, communicating and enforcing a wireless policy;
* building a comprehensive wireless security infrastructure; and
* using wireless monitoring to monitor, enforce and document policy adherence.
Importance of Policy
The first step is critical: to create a wireless policy that is distributed from senior management to all employees, physicians, sub-contractors and business partners. The policy should document clearly what risks wireless poses to the organization, who has authority over wireless deployments and what the repercussions are for not following policy. This policy should be part of any chain-of-trust agreements with third parties.
However, policies are often ignored, forgotten or mistakenly broken, so detection of violations and enforcement are critical. With all of the possible ways that insecure wireless LANs can be created, how can policy be enforced, especially in a large institution with limited resources? Periodic vulnerability assessments are prone to human error, create a significant recurring expense and don't provide continuous protection.
To effectively enforce policy requires a multilayered security infrastructure that consists of wireless device protection, access point configuration management, wireless VPN deployment and enterprise wireless monitoring. Wireless device protection can be provided by personal firewalls or vendor-provided tools that ensure that stations are protected from unintentional association with neighboring networks or malicious attacks by hackers posing as legitimate access points.
Access point configuration management tools provide simplicity of configuration for large wireless deployments to improve the consistency of wireless configurations with minimal resources and effort. A wireless VPN treats the wireless network as a "dirty" network like the Internet, and provides a more robust means of authentication and encryption to improve access control and the privacy of information.
The final layer--wireless monitoring--ensures that all of the other layers are configured and operating according to policy. A monitoring solution ensures that there are no rogue stations by detecting the presence of potential hackers or devices that have not been securely configured by the IT staff. Monitoring verifies "out-of-band" that the access points have been properly configured and that they maintain the proper security configuration.
Monitoring also verifies that authentication and encryption are being used according to policy by detecting rogue access points, Adhoc station configurations, unintentional associations with neighboring networks, or malicious attempts to disable or circumvent the VPN firewall. Most importantly, a monitoring solution provides the capability to document adherence to policy over time--along with alarms for policy violations and resolution--providing management with a concise and reliable means of ensuring HIPAA compliance.
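The out-of-band policy checks described above, as an added example that is not from the article or from AirDefense's products: a constructed scan is compared with a hypothetical inventory of sanctioned access points, flagging rogue APs, sanctioned APs whose encryption has drifted from policy, Adhoc stations and unintentional associations. All MAC addresses, SSIDs and inventory entries are constructed sample values.

```python
# Added example, not from the article or AirDefense: a minimal out-of-band
# policy check of the kind the monitoring layer performs over sensor scans.
from dataclasses import dataclass

# Hypothetical inventory: sanctioned APs by BSSID (constructed sample values).
SANCTIONED_APS = {
    "00:11:22:33:44:01": {"ssid": "HOSP-CLINICAL", "encryption": "WPA"},
    "00:11:22:33:44:02": {"ssid": "HOSP-CLINICAL", "encryption": "WPA"},
}
SANCTIONED_SSIDS = {ap["ssid"] for ap in SANCTIONED_APS.values()}

@dataclass
class Observation:
    kind: str         # "ap" (beaconing access point) or "station" (client)
    mac: str          # BSSID of the AP, or the client's MAC
    ssid: str         # network beaconed by the AP or joined by the station
    encryption: str   # "NONE", "WEP" or "WPA" as seen over the air
    mode: str = "infrastructure"  # "adhoc" for peer-to-peer stations

def check_policy(observations):
    """Return one alert string per policy violation found in one scan."""
    alerts = []
    for o in observations:
        if o.kind == "ap":
            expected = SANCTIONED_APS.get(o.mac)
            if expected is None:
                alerts.append(f"ROGUE_AP {o.mac} ssid={o.ssid}")
            elif o.encryption != expected["encryption"]:
                # sanctioned AP that lost its configuration (power failure,
                # maintenance) and now beacons weaker security than policy
                alerts.append(f"MISCONFIGURED_AP {o.mac} seen={o.encryption}")
        elif o.mode == "adhoc":
            alerts.append(f"ADHOC_STATION {o.mac} ssid={o.ssid}")
        elif o.ssid not in SANCTIONED_SSIDS:
            # client joined a neighboring or impersonated network
            alerts.append(f"UNINTENDED_ASSOCIATION {o.mac} ssid={o.ssid}")
    return alerts

# Constructed scan: a healthy AP, one that reverted to open, a rogue AP,
# an ad hoc PC and a laptop that wandered onto a neighboring network.
SAMPLE_SCAN = [
    Observation("ap", "00:11:22:33:44:01", "HOSP-CLINICAL", "WPA"),
    Observation("ap", "00:11:22:33:44:02", "HOSP-CLINICAL", "NONE"),
    Observation("ap", "aa:bb:cc:dd:ee:ff", "linksys", "NONE"),
    Observation("station", "de:ad:be:ef:00:01", "CART-EVAL", "NONE", "adhoc"),
    Observation("station", "de:ad:be:ef:00:02", "NEIGHBOR-NET", "WEP"),
]

if __name__ == "__main__":
    for alert in check_policy(SAMPLE_SCAN):
        print(alert)
```

A real sensor would also record where and when each alert was seen, which is the history that documents policy adherence over time.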
Wireless LANs pose a serious security risk to the healthcare enterprise, even for organizations with no sanctioned wireless deployment. The threats are real, with a growing number of wireless hackers and more sophisticated wireless hacking tools outpacing attempts to improve wireless security.
For more information about services from AirDefense. www.rsleads.com/402ht-203
Bill Sims is the director of healthcare solutions for AirDefense, a provider of wireless LAN security solutions in Alpharetta, Ga. Contact him at email@example.com.