With this great mobile computing power and flexibility comes major risk. War
driving can enable hackers to obtain unauthorized access to corporate resources and
proprietary intellectual property. The login credentials of legitimate wireless users can be
sniffed or cracked. Malicious insiders can move throughout an enterprise network with
impunity via sessions with insecure wireless access points.
The consequences of these risks are significant. We have seen spammers and phishers
leverage open access points to send unsolicited and malicious electronic mail in stealth
mode. Worms are introduced through a new infection vector. Customer lists and account
numbers are routinely downloaded to portable devices. Enterprise databases are accessed
and modified by unauthorized users.
The bottom line is that wireless insecurity, as long as it is unaddressed, enables the
theft of data, lowers productivity, and causes quantifiable financial losses.
6.3 Understanding Wi-Fi Protected Access (WPA)
Created by Motorola and other Wi-Fi Alliance vendors, WPA was based on an early draft
of IEEE 802.11i to address critical flaws in WEP. These security shortcomings required an
interim solution that would not require hardware upgrades or replacements for existing
consumer devices.
Pages:
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361