A serious wireless network technology flaw that could lead to the breakdown of some critical infrastructures in just five seconds has been identified by Queensland University of Technology's Information Security Research Centre, a finding that is likely to have worldwide ramifications.
Wireless technology is gaining traction and in some countries is used to control infrastructures such as railway networks, energy transmission, and other utilities.
QUT's School of Software Engineering and Data Communications deputy head, associate professor Mark Looi says the discovery of the flaw should send a warning to high levels of government and industry worldwide.
"Any organization that continues to use the standard wireless technology [IEEE 802.11b] to operate critical infrastructure could be considered negligent," Professor Looi says.
"This wireless technology should not be used for any critical applications as the results could potentially be very serious."
Under Investigation
Looi's Ph.D students--Christian Wullems, Kevin Tham, and Jason Smith--discovered the flaw while investigating mechanisms for defending wireless devices against being hacked.
The findings are to be presented to the Institute of Electrical and Electronic Engineers Wireless Telecommunication Symposium in California this week.
In effect the flaw allows for the disruption of the standard 802.11b radio frequency developed by the IEEE to transmit data.
The result is that the wireless devices cannot communicate with each other and service is denied.
"The 802.11b network is supported by a number of computing platforms including Macs, PCs, and handheld devices and in 99.9 per cent of all cases is the only way to connect to wireless networks," Professor Looi says.
"In order to exploit the vulnerability potential attackers only need a common wireless adaptor which retails for about [$35] and instead of using it to enable their computer to access a network, they can change its coding to interfere with transmission.
"With this adaptor you can basically totally disrupt any wireless network that uses this technology within a kilometer of its operation in anywhere between five and eight seconds."
The Information Security Research Center at QUT has been working with Australia's national computer emergency response team AusCERT to alert manufacturers about vulnerable wireless networking equipment since the discovery was made in November last year. A solution to the problem is yet to be found.
Alerting Users
AusCERT will release an advisory on the issue on Thursday.
Looi says it is important to release the findings to ensure that users of the wireless technologies were made fully aware of the potential risks to their systems.
In Brisbane, he says there are about 12 public access networks plus numerous corporate Intranet systems that could be affected.
"QUT confirmed their findings with other leading independent researchers in Australia," Professor Looi says.
He says the process to bring down a wireless network was very simple, however it did not compromise the data on the network.
"When the adaptor is given the right sequence of codes, it sends out enough information over the air for the network link to mistake it as interference--when this happens all devices on the network delay their transmission for a short period of time," he says.
"The adaptor will keep sending out the interference signal so the wireless network can't resume its normal transmission."
Looi says any computer, PDA, or notebook could send out the signal if the wireless adaptor was programmed accordingly.
Tools are currently being developed so wireless networks can be tested to see how vulnerable they are to being disrupted in this way.
"It was very difficult to test, because we didn't want to accidentally bring any networks down other than our own test network; we had to do our experiments in secluded locations at 2 in the morning," he adds.
Ad Choices