Overall, AirDefense associated the highest grade of B- to the transportation industry, followed by the retail industry with a C+, major corporations graded at C, finance a C- and government the lowest with a D. In total, AirDefense discovered 4,606 APs in use for connecting wirelessly to the Internet and corporate networks. Surprisingly, 1,040 or 22 percent of all APs were unencrypted, with more than 30 percent using Wired Equivalent Privacy (WEP), the weakest protocol for wireless data encryption, which can be compromised in minutes.
In government, an alarming 72 percent of APs were found to be unencrypted or using WEP, while in finance 67 percent were found to be unencrypted or using WEP. The stronger protocols Wi-Fi Protected Access (WPA) and WPA2 were used to encrypt 47 percent of APs. However, many of the WPA deployments used Pre-shared Key (PSK) authentication and were deployed in a fashion that makes them extremely vulnerable to the same dictionary attacks that plague password based systems.
AirDefense ranked each industry based on five key components, including: unencrypted/WEP enabled APs, probing laptops discovered, rogue APs, data leakage and APs in default mode. AirDefense averaged the results in each of the industries and associated a letter grade. In retail and transportation stronger encryption protocols and overall wireless infrastructure were discovered. Specific retail findings were in line with results revealed in AirDefense's '2008 NYC Retail Wireless Security Survey' announced in January this year.
The dangers of rogue access points are well documented. An employee, vendor or on-site consultant can unknowingly put all information assets at risk by attaching a $50 consumer-grade AP to an enterprise LAN. This simple act circumvents all existing network security by broadcasting an open connection to the enterprise network. Data leakage occurs when various systems or devices on a corporate network communicate with one another and much of this traffic is broadcast unencrypted over the airwaves for anyone to see.
"AirDefense's comprehensive wireless vulnerability assessment in the Bay Area is intended to not only highlight the current deficient practices in wireless security being deployed by corporate America and the government, but also to highlight the necessary steps to ensure proper network protection," said Mike Potts, president and CEO, AirDefense. "With the 2008 RSA Conference days away some of the results might seem harsh but a matter-of-fact assessment of current wireless security deployment (or lack thereof) and best practices in preventing intrusions from occurring is needed."
AirDefense has been conducting vulnerability assessment surveys of the wireless security industry since its inception in 2001. It is the first and only company to produce comprehensive surveys across all major industries and wireless environments, including popular hotspots.
