[802SEC] Feds Label Wi-Fi a Terrorist Tool
Subject: Feds Label Wi-Fi a Terrorist Tool
From: "Dewayne Hendricks" <dewayne@warpspeed.com>
Date: Fri, 6 Dec 2002 17:14:48 -0800
<http://www.wired.com/news/wireless/0,1382,56742,00.html><http://www.wired.c
om/news/wireless/0,1382,56742,00.html>
Feds Label Wi-Fi a Terrorist Tool
By Paul Boutin
SANTA CLARA, California -- Attention, Wi-Fi users: The Department of
Homeland Security sees wireless networking technology as a terrorist
threat.
That was the message from experts who participated in working groups under
federal cybersecurity czar Richard Clarke and shared what they learned at
this week's 802.11 Planet conference. Wi-Fi manufacturers, as well as home
and office users, face a clear choice, they said: Secure yourselves or be
regulated.
"Homeland Security is putting people in place who will be in a position to
say, 'If you're going to get broken into ... we're going to start
regulating,'" said Cable and Wireless security architect Shannon Myers in
a panel dubbed "Homeland Security vs. Wi-Fi."
Myers was one of several consultants for President Bush's Critical
Infrastructure Protection Board, which is finalizing its National Strategy
to Secure Cyberspace.
Since being named special advisor to the president for cyberspace security
last year, Clarke has stressed wireless access points as a national
security threat.
"Companies throughout the country have networks that are wide open because
of wireless LANs.... Millions of houses are getting connected, which means
that more and more are getting vulnerable," Clarke told attendees at the
Black Hat Security Briefings in Las Vegas earlier this year.
"We know that (an attack) could bring down the network of this country
very quickly. Once you're on the network, it doesn't matter where you got
in," said Daniel Devasirvatham, who headed the Homeland Security task
force for the Wireless Communications Association International trade
association.
Devasirvatham said the telecom industry was represented at security
planning talks with federal agencies, but the wireless sector itself was
not.
"Do you consider yourself part of the telecom industry?" he asked the
802.11 Planet audience. "If you're a nethead instead of a Bellhead, you
probably don't. I think there's a major disconnect here."
But Myers acknowledged that regulators were frustrated in their search for
a quick fix to plug Wi-Fi holes.
"There's just not a lot of technology out there right now that can be used
to secure the technology in place," she said. "They're not at a point
where they can say, 'This will solve the problem,' and mandate it."
Rather, the most recent draft of the National Strategy document lists
stopgap steps that home and office Wi-Fi users should take to make their
networks harder to crack. The National Institute of Standards and
Technology's Wireless Network Security document contains more detailed
guidelines.
Speakers called on corporate Wi-Fi customers to participate in creating
security enhancements and best practices, lest regulators do it for them.
"Expert advice needs to be obtained from more than just the industry that
makes the equipment," Devasirvatham said.
Conference attendees were split on the potential of wireless nodes as
terrorist access points.
Boingo CEO Sky Dayton suggested turnkey security standards under
development would improve the technology's reputation. "It's possible to
secure a wireless network today," he said. "But it needs to get easier."