Wi-Foo Author on Unsecured Wireless Networks

As an ever increasing number of companies adopt wireless networks,

securing them becomes a challenge — and sometimes a nightmare — for

more IT and security administrators.

The three authors of the book Wi-Foo: The Secrets of Wireless

Hacking write about the threats to the growing wireless community.

In the book, they look at how hackers attack and what technologies and

strategies are available to beat them.

Andrew Vladimirov co-authored the book along with Konstantin Gavrilenko

and Andrei Mikhailovsky. All three work at Arhont Ltd., a security

consultancy in the United Kingdom. Vladimirov, in an exclusive interview

with eSecurityPlanet, talks about what is lacking in most

wireless networks, how secure those networks are today, and what IT and

security administrators should be doing to improve security.

Vladimirov also talks about who makes up the target audience for this

self-described ”definitive guide to penetrating and defending wireless

networks”.

Q: Who did you write this book for?

We wrote it for anyone interested in wireless security. The largest part

of our audience will be system administrators and network security

management. When we started to write, the underground new far more than

the average security administrator.

Q: On the back cover of your book, it says, ”If you’re a hacker or

security auditor, this book will get you in. If you’re a

netadmin, sysadmin, consultant or home user, it’ll keep everyone else

out.” Who is this book really aimed at helping?

It’s more like martial arts books, in a sense. Of course, an attacker

could buy the book and use the instructions in it. The attackers know

this stuff anyway. They fight every day. They think martial artists know

nothing. They say they grew up on the streets and they know how to

fight. System administrators and managers would look at this and say, ‘I

didn’t know these things’… We are marketing to the hacker, in a sense.

There’s also a large amount of war drivers who go around looking for

wide open networks. They will always find them. When they read the book,

our hope is they will understand a few things. That the defense could be

just as interesting as the attack. Despite everything said, if a

security administrator knows more than they do, they could be caught and

suffer consequences… Another message is that this is not cool. They

can see that there are people who know far more than they do.

Q: Are IT and security administrators quickly learning how to secure

their wireless networks?

Slowly. Too slowly. We’ve been war driving for years. When we started

doing it around 2000 or 2001, 20 to 30 percent of networks had some

protection. Now I think this number has gone up by about 10 percent. Now

we see about 40 percent of networks having default protection, which

doesn’t require anything other than configuring the measures provided

with the technology itself. It’s not a huge progress, to be honest.

Q: How many companies have good layered security for their wireless

networks?

Very low… I would say it’s probably about 5 percent. It’s very

dangerous because now all the information is on the surface and it’s

quite easy to obtain the data in wireless networks.

Q: You say in your book that wireless networks are wide open, how

open are they?

We have 30 percent who use some form of protection. Out of them, if an

attacker takes an hour or just two hours of his or her time, two-thirds

can be cracked. The rest of the networks — those 60 to 70 percent —

are wide open. Only about 10 percent could stop most attackers.

Q: What is the one biggest thing that most IT and security

administrators don’t understand about wireless security?

In my opinion, it’s the first layer. People don’t understand radio

frequency. They can hardly imagine how far the network can spread. How

far and where that attacker can position himself or herself. There are

some so-called security consultants… who go around the site where the

network is deployed without an external antennae or amplifier and they

say your network doesn’t spread very far.

Q: What is going wrong? Why don’t administrators understand wireless

security basics?

There is a common flaw. It’s a mindset flaw. They say, ”We don’t have

any valuable data flashing through our network.” Orr data is boring.

Why would someone want to hack into it? This is a wrong perception. One

of the first reasons people would want to do that is to hide their

tracks… They could be sending spam or downloading pirated software or

pornography or attacking a bank or a government network, and if an

attacker is within 10 or 15 miles of your wireless network with an

antennae, they can use your network to do that.

RELATED NEWS AND ANALYSIS

• Ethics and Artificial Intelligence: Driving Greater Equality

  FEATURE |  By James Maguire,
  December 16, 2020

• AI vs. Machine Learning vs. Deep Learning

  FEATURE |  By Cynthia Harvey,
  December 11, 2020

• Huawei’s AI Update: Things Are Moving Faster Than We Think

  FEATURE |  By Rob Enderle,
  December 04, 2020

• Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 18, 2020

• Key Trends in Chatbots and RPA

  FEATURE |  By Guest Author,
  November 10, 2020

• Top 10 AIOps Companies

  FEATURE |  By Samuel Greengard,
  November 05, 2020

• What is Text Analysis?

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 02, 2020

• How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 29, 2020

• Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 23, 2020

• The Super Moderator, or How IBM Project Debater Could Save Social Media

  FEATURE |  By Rob Enderle,
  October 16, 2020

• Top 10 Chatbot Platforms

  FEATURE |  By Cynthia Harvey,
  October 07, 2020

• Finding a Career Path in AI

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  October 05, 2020

• CIOs Discuss the Promise of AI and Data Science

  FEATURE |  By Guest Author,
  September 25, 2020

• Microsoft Is Building An AI Product That Could Predict The Future

  FEATURE |  By Rob Enderle,
  September 25, 2020

• Top 10 Machine Learning Companies 2021

  FEATURE |  By Cynthia Harvey,
  September 22, 2020

• NVIDIA and ARM: Massively Changing The AI Landscape

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  September 18, 2020

• Continuous Intelligence: Expert Discussion [Video and Podcast]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 14, 2020

• Artificial Intelligence: Governance and Ethics [Video]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 13, 2020

• IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI

  FEATURE |  By Rob Enderle,
  September 11, 2020

• Artificial Intelligence: Perception vs. Reality

  FEATURE |  By James Maguire,
  September 09, 2020