War Drive Survey: 57% of Enterprises
Wirelss LANs Not Encrypted
Atlanta- September 24, 2003 - Despite screaming headlines
of major security risks, many enterprises are still incredibly
vulnerable to rogue wireless LANs and insecure WLAN access points.
More than half of all access points still do not encrypt their
traffic and 9 percent of all access points were determined to
be unauthorized "rogues," according to a recent study
of wireless LANs in the business districts of Atlanta, Chicago
and San Francisco.
Last month, AirDefense engineers conducted a war drive in the
three cities. The results indicate that many enterprises are at
risk of unsanctioned access points and are ignoring the need for
the most basic form of security - encryption.
| Compiled
Stats of Atlanta, Chicago & San Francisco |
|
Total
Access Points Detected |
1,136 |
|
Access
Points without Encryption |
650
(57 %) |
|
Rogue
APs (100 % default settings) |
104
(9 %) |
|
Access
Points Broadcasting SSID |
876
(77 %) |
|
Consumer-Grade
Access Points |
331
(29 %) |
|
Ad
Hoc Networks |
45
(32 unencrypted) |
The surveys were conducted by driving the streets around office
buildings. For Atlanta, the war drive was conducted on a 10-mile
stretch of Peachtree Street from Buckhead to downtown. The Chicago
and San Francisco war drives were conducted in the downtown areas
and financial districts of both cities.
Of the 1,136 access points detected in the three cities, 650
- 57 percent - did not utilize any form of encryption, such as
WEP, WPA, LEAP, PEAP or other proprietary solutions. AirDefense
determined that 104 access points - 9 percent of the total - were
rogue access points because they were in complete default settings
for their SSID, channel, IP addressing and broadcasting of their
SSIDs.
The war drive DID NOT check these access points for default passwords.
In fact, the engineers conducting the war drive made special effort
to make sure that they never connected to any of the wireless
LANs that were detected.
The total number of rogue wireless LANs could potentially be
much higher than the reported 9 percent; 331 access points - 29
percent - were determined to be consumer-grade products from vendors,
such as Linksys, D-Link and Netgear. Larger enterprises are not
likely to deploy access points from these vendors.
| War
Drive Stats for Each City |
| |
|
Atlanta |
Chicago |
San
Francisco |
| |
Total
Access Points |
444 |
235 |
457 |
|
Access
Points without Encryption |
277 |
135 |
238 |
| |
Rogue
APs (100 % default settings) |
36 |
25 |
43 |
|
Access
Points Broadcasting SSID |
393 |
158 |
328 |
| |
Consumer-Grade
Access Points |
169 |
39 |
123 |
|
Percentage
of Total Traffic Encrypted |
8% |
78% |
91% |
| |
Unencrypted
Ad Hoc Networks |
3 |
8 |
21 |
Insecure ad hoc networks were another issue identified in the
survey across the three cities. The war drive identified 45 of
these peer-to-peer networks; 32 of the ad hoc networks were not
encrypted.
While the majority of access points in each city did not use
encryption, the actual traffic observed varied from city to city.
It seems as if the most active enterprise wireless LANs in San
Francisco and Chicago did use some form of encryption. Of the
total traffic observed in San Francisco, 91 percent was encrypted.
In Chicago, 78 percent of the observed traffic was encrypted.
However, the war drive in Atlanta showed that only 8 percent of
the total traffic was encrypted.
About AirDefense, Inc.
AirDefense is a thought leader and innovator of wireless LAN security
and operational support solutions. Founded in 2001, AirDefense
pioneered the concept of 24x7 monitoring of the airwaves and now
provides the most advanced solutions for rogue WLAN detection,
policy enforcement, intrusion protection and monitoring the health
of wireless LANs. As a key element of wireless LAN security, AirDefense
complements wireless VPNs, encryption and authentication. Based
on a secure appliance and remote sensors, AirDefense solutions
scale to support single offices, corporate campuses or hundreds
of locations. Blue chip companies and government agencies rely
upon AirDefense solutions to secure and manage wireless LANs around
the globe. For more information, go to www.airdefense.net
or call 770.663.8115.
Media Contacts:
Brian Moran
AirDefense, Inc.
770.663.8115 x 110
bmoran@airdefense.net
AirDefense is a registered trademark of AirDefense, Inc. All
other trademarks are property of their respective owners.
.
