Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

Wireless Vulnerabilities Present Enterprise-Wide Threats, Expert Says

Wireless is the greatest threat to corporate networks since the emergence of the Internet, AirPatrol CEO says

LAS VEGAS -- Interop/CSI SX Conference -- Wireless vulnerabilities in corporate environments are creating as great a threat now as the Internet did in its early days, a security expert said here today.

In a session at the Computer Security Institute's CSI CX conference, which is being held concurrently with Interop here, AirPatrol CEO Nicholas Miller said the rapid growth of wireless networking has increased the threat of wireless vulnerabilities to an unprecedented level.

"The problem is that wireless vulnerabilities don't just expose the user who's unaware of them, but the whole corporate network the user is attached to."

"I can go out in a car and sit in a parking lot with a wireless router and gain access to an amazing variety of systems," Miller said. "It's really a little bit scary."

In an effort to save money and reduce infrastructure, many companies are moving toward a wireless infrastructure, which puts their networks at a greater risk than ever, Miller says. Yet many of the old vulnerabilities that existed in the wireless environment still have not been resolved, he observed.

"We think the best approach is to attack the problem in the reverse way that they're currently doing, which is to put in a wireless network and then add a security solution," Miller said. "What we think they should do is deploy a wireless security system first, and then you could literally go out and buy the access points at Best Buy."

"What we're really saying is that the emperor's got no clothes. You don't need all of that complex wireless technology if you have a wireless threat management system in place with encryption and security."

Wireless infrastructure vendors offer some security capabilities, "but they are really looking for rogue access points, which is a tiny issue compared to the total problem associated with laptop security," he said. "You really need to look at the entire network -- you need to secure the endpoints."

The problem with most wireless technologies is that they don't account for the end user's location, Miller said. "All of a sudden people can have access to the network as if they were in the building, which is why we need location-based access in wireless. Any wireless product you're looking for should have that capability. If a hacker wants to break into the network, they should have to break into the building."

AirPatrol is working with CheckPoint to block wireless access from unauthorized access points via the firewall, Miller said. "We're blocking traffic at the edge of the network using CheckPoint firewalls, which is a new way to use the firewall. We're also working with a very large switch vendor to see this sort of access control at the switch level."

To be effective, a location-based wireless security system should be able to deliver accuracy within 10 feet of the user's location, Miller said. "Ten feet tells you it's Frank in accounting. Thirty feet tells you it's in the building."

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Edge-DRsplash-10-edge-articles
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-29512
PUBLISHED: 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. If the `splits` argument of `RaggedBincount` does not specify a valid `SparseTensor`(https://www.tensorflow.org/api_docs/python/tf/sparse/SparseTensor), then an attacker can trigger a heap buffer overflow. This will cause a read ...
CVE-2021-29554
PUBLISHED: 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.DenseCountSparseOutput`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/efff014f3b2d8ef6141da30c806faf141297eca1/t...
CVE-2021-32817
PUBLISHED: 2021-05-14
express-hbs is an Express handlebars template engine. express-hbs mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potential vulnerability is...
CVE-2021-32818
PUBLISHED: 2021-05-14
haml-coffee is a JavaScript templating solution. haml-coffee mixes pure template data with engine configuration options through the Express render API. More specifically, haml-coffee supports overriding a series of HTML helper functions through its configuration options. A vulnerable application tha...
CVE-2021-32819
PUBLISHED: 2021-05-14
Squirrelly is a template engine implemented in JavaScript that works out of the box with ExpressJS. Squirrelly mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options remote code execution may be triggered in downstream...