Homeland security waiting for Wi-Fi

Security must be a priority for users and makers of wireless networking equipment in order to prevent attacks on federal and corporate systems, experts say.

Robert Lemos
Robert Lemos Staff Writer, CNET News.com
Robert Lemos
covers viruses, worms and other security threats.
2 min read
SANTA CLARA, Calif.--Security needs to become a priority for users and makers of wireless networking equipment in order to stop insecure connections from being used to attack federal and corporate systems, network experts said Wednesday.

Speaking at the 802.11 Planet Conference here, security professionals pointed to a lack of focus on hardening the wireless infrastructure as a flaw in government discussions about protecting the nation's critical infrastructure.

"There are a lot of networks behind wireless (access points), so we have to see ourselves as a part of the larger whole," said Daniel Devasirvatham, vice president of the wireless systems group at government contractor SAIC.

Devasirvatham said SAIC has disconnected its wireless networks until the company is sure they are secure, but many other companies' networks are wide open because attackers could enter through the wireless local area network.

In July, President Bush's special adviser on cybersecurity, Richard Clarke, told security experts that users and makers of wireless equipment were among the five top groups responsible for the Internet's insecurity.

But despite the new Wireless Protected Access standard that aims to boost security, at the moment there aren't many products for the security-conscious wireless user, said Shannon Myers, master security architect for telecommunications giant Cable & Wireless, at a panel focusing on homeland security and wireless.

"There is not a lot of technology out there that can do what needs to be done," Myers said.

Myers pointed to the latest document from the National Institute of Standards and Technology on wireless security as a partial solution. The document, dubbed SP 800-48, suggests some security policy changes for users of wireless networks and Bluetooth technology.

"We need to find a good balance," Myers said. "The government is trying, and industry is trying, but it is going to take some give and take to get there."