In this guest blog post, Geraint Williams, CISO at Modern Networks, discusses some of the pros and cons of various wireless network solutions and specifically considers performance, availability, resilience, and security.
We are all familiar with Wi-Fi or wireless technology. Today, it’s everywhere. However, it’s unlikely Marconi ever imagined just how pervasive the technology would become when he was experimenting with his wireless telegraph system in the early 1890s. The ubiquitous term ‘Wi-Fi’ is a registered trademark, created by the marketing experts at Interbrand for the Wi-Fi Alliance. Many people believe that the term Wi-Fi is shorthand for Wireless Fidelity, but they are wrong. The Wi-Fi Alliance hired Interbrand to come up with a brand name for their IEEE 802.11b Direct Sequence wireless standard, and ‘Wi-Fi’ was the catchy, easily recalled result.
Different Wi-Fi solutions
There are several different types of wireless technology, designed for different scales, topologies, and use cases. A point-to-point wireless solution, for example, is a data connection between two points delivered by radio waves or optical laser, and so does not require the use of poles or cables. Point-to-point wireless can be used to network a group of buildings on a science park or allow a private network in one building to extend to another nearby network without having to relay traffic through the public Internet. The benefits of point-to-point wireless include speed of installation (no need for physical cables to be laid), reduced costs, and a highly secure connection when properly encrypted; it is also an ideal solution for remote area deployments. There are also mesh networks, which can be preferable to a traditional Wi-Fi router for larger buildings with wireless dead spots. Nowadays, many commercial properties have IoT (Internet of Things) and smart devices networked together using Zigbee, Z-Wave or LoRa standards. Finally, there are 3G, 4G and 5G cellular telephone networks that have continually improved data connectivity, bandwidth and speeds over the generations.
Performance
When selecting a wireless technology for a science park, innovation centre or building, it is important to consider performance requirements, resilience, and security. Obviously, you will want users to be able to access the wireless signals that radiate from access points. However, a wide variety of factors can weaken or impede signal strength (attenuation), such as the distance the signal must travel, walls and other structures, and even the moisture content of the air. Additionally, your wireless network might be competing with other radio sources on the same frequency. For example, a microwave oven might interfere with the Industrial, Scientific, and Medical (ISM) radio bands as they both operate on 2.4GHz. You will also want to consider how secure your wireless network is to ensure data protection, integrity and availability. Many common wireless network issues can be resolved or reduced by conducting professional surveys of access points and signal strength, using multipath technology, and encryption.
Availability and resilience
There are too many factors around wireless network availability and resilience for us to discuss them all in this article. Instead, we will focus on those factors that I have personally encountered that affect a range of wireless technologies. With wireless links between buildings, sometimes referred to as a wireless bridge, for example, it is important that nothing blocks the line of sight and that units remain aligned. Factors that can impede the use of a wireless bridge include nesting birds and high winds. However, I know of a case where a travelling funfair set up a bungee-ball ride in a town centre that interrupted the microwave link between two buildings every time it was operated. There have also been cases where corporate Wi-Fi networks have become unreliable at lunchtimes due to staff using on-site microwave ovens, which operate with a very broad spectrum of radiation centred around 2.45GHz. Microwave ovens do not leak a lot of energy but what they do leak can sometimes overpower nearby Wi-Fi access points. This interference in the 2.4GHz band is one of the reasons there are no licensing restrictions, which is pretty much the same worldwide, unlike the 5GHz band where different countries and regions have restrictions on which channels can be used. Therefore, it is important to ensure your network equipment is correctly set up for the country and/or region it is operating in to ensure it meets legislative requirements.
Cyber security
When thinking about the security of your wireless network, there are a number of general points to consider. Firstly, it is important to remember that it is difficult to keep wireless signals beyond the reach of attackers. A tenet of cyber security is that it is easier to compromise a device or network if you can get physical access to it. Typically, it is easier to access a wireless signal than it is to breach a building’s physical security to get access to network hardware. A frequently used method of assaulting a wireless network is known as the ‘parking lot attack’. If there are no restrictions on the router’s signal strength, access to the wireless network can be achieved from a nearby building or car park by an attacker. In 2007, a parking lot attack was used against TJX, a US-based clothing and home fashion retailer. The attackers successfully intercepted signals and cracked the WEP security protocol on a wireless network used to support the retailer’s handheld barcode scanners. The attackers then pivoted the assault and gained access to an estimated 45.7 million credit and debit card numbers. TJX eventually paid out around USD $250m in fines and compensation after the attack. Later, one of the attackers was caught and faced 22 years in prison and a USD $1m fine.1 Many tenants on science parks will regularly transmit commercially sensitive data across their wireless networks. But how many are unwittingly broadcasting their intellectual property, personally identifiable information and financial data to a much wider audience because their wireless router has not been configured correctly?
WEP’s fatal flaw
Today, security protocols have moved on from WEP (Wired Equivalent Privacy) with WPA3 available. The introduction of WEP demonstrates how a security algorithm can appear strong on paper but can prove vulnerable under real-world conditions. The same is true for many modern implementations of security algorithms. WEP’s fatal flaw meant that if enough packets of data could be collected and analysed it was possible to recover the encryption key. If an attacker collected 85,000 packets, for example, there was an 85% probability of revealing the encryption key. With the correct tools, an attacker could perform this task in under 60 seconds. Even with what has been learnt about cryptography and cracking, the current WPA3 security protocol has been broken under certain circumstances.
The IoT security threat
Cyber security is no longer just the domain of enterprise IT departments. Security is increasingly a topic that SMEs cannot afford to ignore. 61% of cyber attacks are now against small businesses. However, small businesses seldom have sufficient in-house technical expertise to set up, monitor, maintain and secure wireless networks. Additionally, we see numerous SMEs and commercial properties adopting IoT and similar smart devices that are connected to corporate networks with little consideration for the potential hazards. Many IoT devices are installed in offices with default passwords, which never get changed. IoT devices run using an Internet connection, but if your wireless network is insecure, then authentication can be bypassed, and sensitive data can be compromised. Some IoT manufacturers take a rather casual attitude toward issuing firmware updates and security patches, which can leave your network vulnerable to attack. If IoT devices are centrally managed and integrated with legacy systems, businesses run the risk of introducing security vulnerabilities across their IT networks.
Smart access opens the door to hackers
In 2020, it was reported that over 2,300 building access control systems were left vulnerable to hijack because the manufacturer failed to issue a security patch. Hackers were specifically targeting Nortek Security & Control smart access control systems, which had been installed in corporate headquarters, factories, industrial and science parks. The year before, ten critical security vulnerabilities had been discovered in the smart devices, which could be remotely exploited, even by attackers with very limited technical skills. However, Nortek Security & Control failed to provide any security patches. Hackers then started to launch DDoS attacks using compromised devices. Additionally, state-sponsored hacking groups were observed using IoT devices to launch attacks against corporate networks. More recently, an international group of hackers were able to gain access to the live feeds of 150,000 CCTV surveillance systems inside hospitals, companies, police stations, prisons and schools.2
Certainly, wireless networks can bring endless benefits to science-based start-ups and small to medium sized businesses. However, ensuring the connectivity, security and privacy of your network is a full-time job that requires professional attention few SMEs can afford. By investing in a managed wireless network, you gain expert IT oversight and support plus additional benefits such as reduced capital and operational costs, minimal downtime, and efficiency gains.3
Wi-Fi as a managed service
A managed Wi-Fi service is a subscription-based alternative to buying and maintaining your own wireless network. At Modern Networks we remotely manage, control, and troubleshoot our clients’ wireless networks, removing the need for costly onsite IT resources. Prior to onboarding, a managed service provider should take the time to completely understand your business requirements. They should conduct a full wireless survey which will examine security, density, coverage, signal strength and noise ratio. They should also review your site’s technical infrastructure to determine whether there is sufficient power and cabling to meet your needs. This survey should determine how many access points you will need to support likely network usage and ensure that sitewide coverage is achieved without any signal dead spots.
At Modern Networks, we understand wireless networks and what can interfere or increase signal attenuation, which is so important to ensure network availability and resilience. We pride ourselves on staying up to date on the latest technologies and software developments. We also have the advanced tools to monitor and report on potential security breaches, connectivity, speed and network reliability.
To learn more about the best wireless options for your science park, university and innovation centre, contact Modern Networks today.
Sources