|
ABC Company had noticed it's bandwidth use had grown sharply over the last few weeks, at times, using up their entire T-1. Users were still able to get work done but things were beginning to feel slow. The company had to issue email warnings asking users to cut back on Internet Radio, only download MP3 files after hours and ask the employees to help cut back usage anyway they could. It didn't work. Their bandwidth use continued to grow. It soon was running at capacity 24 hours a day. It wasn't until they received an angry phone call by another company demanding they stop trying to hack into their site that they started to realize something was seriously wrong. It turned out they had a simple problem and we had a simple solution for them. One of their departments had recently decided that it would be much more productive if they could all be connected to the network while they were in their meetings. They purchased wireless network cards and a wireless access point (WAP). It was setup according to the manual and everything was running great. The hacker had found the access point, saw that it had no security, and simply logged onto their network. Using their bandwidth and their firewall as a shield to further hide his identity the hacker then set about compromising other networks. Our first step was to setup basic security on the access point. This disconnected the hacker immediately. The second step was to setup secondary security across the network. Basic WAP security can be defeated by a determined hacker in a matter of hours. Additional security helps keep the hacker out even if he gets passed the first level. Analysis of the hacker: This hacker likely found ABC company's WAP just by driving by. He likely pulled into the parking lot found he could log onto the network and at least gain Internet access. He later came back and began using that access to launch scripted attacks against multiple networks. He soon discovered that he had almost an entire T-1 line at his disposal as the company continued to reduce its use of the line. Soon he had a reason to hack through this WAP exclusively. Once his actions were discovered he moved on to the next unsecured WAP. It is estimated by our research that as many as 90% of all WAPs in the Denver area are setup unsecured. Call us and see how easy it is to find yours. |