Security group warns of flaw in wireless protocol
The Australian Computer Emergency Response Team issues an advisory warning companies that their wireless networks could be disrupted by an attacker with a handheld device.
A vulnerability in the most common wireless networking protocol, the 802.11 standard established by the Institute of Electrical and Electronic Engineers (IEEE), allows a device to essentially jam other devices on a network using a low-power signal.
 | ||||
| | | ||
| Get Up to Speed on... Enterprise security  Get the latest headlines and company-specific news in our expanded GUTS section. | | ||
| ||||
| ||||
"Previously, attacks against the availability of IEEE 802.11 networks have required specialized hardware and relied on the ability to saturate the wireless frequency with high-power radiation, an avenue not open to discreet attack," AusCERT said in its advisory. "This vulnerability makes a successful, low-cost attack against a wireless network feasible for a semiskilled attacker."
The flaw affects the clear channel assessment (CCA) procedure, which attempts to minimize the probability that two devices will broadcast on the same frequency. The attack can cause all devices in range to wait to transmit until the attack has halted.
| ||||
| | | ||
| Get Up to Speed on... Wi-Fi Get the latest headlines and company-specific news in our expanded GUTS section. | | ||
| ||||
| ||||
The attack is considered a denial-of-service tactic and, as such, is not rated a critical problem. However, AusCERT warns that emergency response networks should move to wireless technologies that are not vulnerable to jamming.
Vulnerable devices include any that support the 802.11, 802.11b and low-speed 802.11g wireless standards. Devices that use 802.11a or high-speed 802.11g, above 20mbps, are not vulnerable, the organization said.