The hidden downside of wireless networking: Wi-Fi can cause big trouble--and you may not even know it. Here's how to keep the hackers at bay.
Worse, you may already have a wireless security problem--even if your technology staff hasn't deployed a single wireless access point. At many school districts, parents and teachers have installed unofficial Wi-Fi hotspots that connect to the school's existing wired network. (Wi-Fi, short for "wireless fidelity," is the trade name for a family of wireless networking standards.) In so doing, they may have inadvertently compromised the school's network, and your district's IT staff may be none the wiser.
Charlie Garten, the former chief information officer for the Poway Unified School District in southern California, says his district's struggles with Wi-Fi security began as early as 2002. "We weren't surprised that there were ways to jump over our firewall using wireless," says Garten, who retired in 2005. "We were caught a little bit by surprise by the number of rogue access points that had been plugged in." In some cases, his staff would receive complaints about network slowdowns at a school; on investigating, they would find as many as 10 Wi-Fi hotspots that had been installed without the IT department's knowledge. "Well-meaning people wanted to get more access for the kids, but they didn't understand all the consequences of just throwing in a bunch of wireless access points," adds Garten.
In the Palo Alto (Calif.) Unified School District, the security holes introduced by rogue hotspots had a much more public and embarrassing effect. Located in the heart of tech-savvy Silicon Valley, Palo Alto's parent community includes many people who work for companies that supply Wi-Fi equipment. As a result, these parents brought wireless networking into their children's schools at a very early stage.
"We had open networks. When they were first installed, folks could sit in the parking lot if they wanted to get some access," says Marie Scigliano, the director of technology for the district. Scigliano's staff was aware of the security problem but hadn't been able to address it completely when, in the summer of 2003, a local reporter found that she could access the district office's network through an unsecured Wi-Fi connection. Worse, the reporter was able to log on to the student information system and download students' grades, phone numbers, home addresses, medical information, psychological evaluations and even full-color photos.
The district quickly took the network offline and began correcting the problem, according to Scigliano. "We came back up with secure networks, logons, authentication and so forth," she says. However, the story received wide national coverage--thanks in part to the severity of the breach--causing a significant public relations problem for the school.
While the reporter didn't publish or alter student records, press reports noted that it would have been easy for her to do so, if she had been a more malicious hacker. That in turn would have exposed the district to serious liability problems and could possibly have put its students in danger.
Time to Hack
Unfortunately, Wi-Fi networks can be much easier to hack into than wired networks. Hackers wanting to gain access to a wired network need to physically connect to that network somehow, making it difficult for them to be truly unobtrusive. By contrast, wireless network coverage doesn't require a physical connection. If it extends beyond the school walls, would-be hackers can gain access to the network from a parking lot or other nearby location, often in complete secrecy. All the hacker needs is time.
According to a former hacker and current student at St. Louis University who asked to remain anonymous, gaining access to an unsecured Wi-Fi network is as easy as eavesdropping on a spoken conversation. Even if the network is secured, obtaining the network key requires only a few hours of monitoring network traffic using software that's widely available on the Internet, in a process known as "sniffing."
Here's how it might work: A student could set up a network sniffing program on his or her laptop, then leave the laptop in a locker for a day. By the next morning, the program would have cracked the network key.
At that point, the student hacker can "listen in" to any data transmissions over the Wi-Fi network. If a teacher logs on to the school's servers wirelessly, the student may be able to pick up the teacher's username and password. Also, if any teachers have left information on shared network drives or in unsecured, network-accessible hard drives or floppy disks, this data may also be accessible to the hacker.
"Any sort of sensitive information being transmitted or stored on a PC over a Wi-Fi network is definitely a risk," says the former hacker, who says he's hacked into school networks and found Excel spreadsheets with student grades, login passwords for student grade systems and even explicit pictures stored on teachers' hard drives.
Call in the Auditors
After discovering its problem with rogue hotspots, the Poway district engaged service provider Farm9 to conduct a security audit of the district's networks. Farm9 located all of the unofficial hotspots as well as other weak points in Poway's electronic defenses.
However, Garten notes that it has taken four years since that audit to implement all of the security recommendations, including removing rogue hotspots, upgrading servers, installing Wi-Fi encryption and creating a written security policy. "It's like everything in education--you have to have the funds to do it," says Garten. "What are you going to take funds from in order to do this?" Worse, security isn't a sexy topic, and it can be harder to garner support for security upgrades than for higher profile projects like upgrading computer hardware or fixing leaky roofs.
Complicating matters is the balance school districts must find between robust security and ease of use. "In business, you can put all sorts of security on there because you've got a limited number of programs and only certain people can access it," says Garten. In schools, there is a wide variety of software that teachers and students need to be able to use. It's also important that security measures aren't so onerous that they prevent students from getting legitimate access to the Internet. "There's a balance, where the kids can get the access they need, at a much lower price for the school district than with wired networks. But you can't leave it open so that anybody who wants to spend hours hacking has free access to your network," says Garten.
After Palo Alto's hacking incident, Scigliano says her staff conducted a security audit, upgraded systems and tightened security holes. They also developed a six-page pamphlet outlining basic computer security practices. Scigliano gave copies of this pamphlet to school principals, who then conducted training sessions with their staffs. "The pamphlet was very helpful for us in terms of teaching our staff and training them about security and confidentiality," says Scigliano. "They were aware of things they needed to do with student information stored in filing cabinets, but they weren't aware of what it meant for e-mail, online file storage and those kinds of things."
Barring the Doors
Four years after its audit, Poway has removed all of the rogue hotspots and has fully embraced Wi-Fi--this time, with district oversight and plenty of security. In fact, many schools now include a "clock tower" architectural feature where wireless transmitters can be located, providing greater range for the networks. However, network connections are encrypted. The district also has a designated chief security officer who can shut down a school's network if a hacking incident is underway. "In most districts, it would take four to five phone calls to shut down the network," Garten says. At Poway, it takes just one call to the security officer.
Brian Hernacki, an architect in the R&D lab for security software vendor Symantec, confirms that security is an issue for school districts, but notes that most wireless hacking incidents are not as serious as those described by the former hacker and Scigliano. "It is in pretty rare cases that they're actually hacking into school resources," says Hernacki. More common abuses are simply using the Wi-Fi network in an unauthorized fashion, such as connecting via a laptop in the cafeteria or playing games.
Still, the risk is present. Hernacki's suggestions include controlling access through usernames and passwords, limiting access to specific computers and setting up networks to minimize their reach outside school grounds (see the "Safer Wi-Fi" sidebar).
Garten urges school districts to address the Wi-Fi security problem as soon as possible. "They'll be able to secure their networks faster than we did because the tools have evolved, but they better start now. They should think about the consequences if someone breaks in."
Once the network is secured, you can't rest on your laurels. Hackers are continually honing their techniques and developing new attacks, so your staff needs to stay abreast of the latest security developments. That means refreshing your network security every three to six months to make sure it's hardened against the most likely attacks. "Security can get obsolete, just like your equipment," says Garten.
"Having an outside auditor come in and give you strategic advice is very helpful," adds Scigliano, whose district also used Farm9. The perspective provided by an outside party can uncover weaknesses you might otherwise miss, and also provides a roadmap for security enhancements and future upgrades.
"Compared with a typical network, Wi-Fi still has a lot of maturing to do," says the former hacker. "If a school decides to take the risks in setting one up, they need to make sure that all of the teachers and faculty know to be cautious in keeping sensitive information off the network. And administrators need to stay up to date with vulnerabilities in the network." Do all that, and you can rest easy, knowing you've kept hackers away from the gates--for now.
Dylan Tweney is a writer based in San Mateo, Calif.
RELATED ARTICLE: Steps for Safer Wi-Fi.
Wireless doesn't have to be a security nightmare. Here are some tips from Brian Hernacki, an architect with Symantec Research Labs, on how you can keep your Wi-Fi network safe and sound:
Turn on encryption
Set your network to use Wired Equivalent Privacy or even stronger Wi-Fi Protected Access encryption, which encodes every transmission on the network, making it harder for hackers to "sniff" the data as it goes by. Neither form of encryption will keep hackers out entirely, but they set the bar a lot higher. If you use WEP, make sure you use a 128-bit key, which requires a 26-character pass phrase. WPA is harder to crack and uses easier-to-remember passwords for access, so it's a better choice if your equipment supports it.
Wi-Fi networks can be configured to accept connections only from certain computers, using those computers' Media Access Control addresses, a unique number that's attached to the network adapter in every piece of networked equipment. MAC addresses are difficult to spoof, so limiting access to certain MAC addresses helps you ensure that you control who's on your network. On the down side, you need to maintain an up-to-date list of permitted machines.
Require usernames and passwords
Configure your network so that users can gain access only with the proper username and password. If you issue unique usernames to each student, teacher and administrator, you'll be able to track any misuse of the system. Because people may share passwords with each other, be sure to change these every month or every quarter.
Keep the network inside
By carefully locating Wi-Fi routers and using directional antennas (which focus the signal in a particular direction), you may be able to limit the accessibility of your network outside school grounds. This will make it harder for hackers to do their dirty work unobserved.
Turn it off at night
Turning off the Wi-Fi network after-hours means that hackers will need to make their intrusion attempts during the day, when they're more likely to be noticed by staff or students.
Educate your staff
Make sure teachers and administrators are aware of the security risks of using Wi-Fi. For the maximum security, permit access to student information systems (such as grades databases) via wired networks only, and ensure that computers connecting to these systems do not also have Wi-Fi capability.
RELATED ARTICLE: Hacker toolkit.
Hackers rely on commonly available tools to find the weak points in wireless networks, The good news: Your IT people can use the same tools to find out where your network's defenses need reinforcement. Here are some of the most popular programs:
This popular tool monitors traffic on encrypted Wi-Fi networks. Once it's gathered enough data, it's able to figure out the encryption key, thereby allowing access to the network.
NetStumbler was one of the earliest and most popular "wardriving" tools. It monitors the airwaves for nearby Wi-Fi networks, providing information on each one it detects. NetStumbler only works with certain Wi-Fi access cards.
A more modern and capable wardriving program, Kismet works with many Wi-Fi cards. In addition to identifying nearby networks, Kismet also provides traffic monitoring (sniffing) so hackers can eavesdrop on wireless data transmissions.
The SAINT vulnerability scanner checks every computer on your network for security vulnerabilities, providing a report that you can use to eliminate weak spots and shore up your defenses.
|Printer friendly Cite/link Email Feedback|
|Date:||Jun 1, 2006|
|Previous Article:||Graduation woes: high school rates may be rising, but not fast enough.|
|Next Article:||Leader/pioneer/secret shopper: Montgomery County's Assistant Superintendent John Q. Porter is all of these things--and more. Learn how he's...|