Government Wi-Fi Networks Not Secure
Government says Wi-Fi networks not secure (Reuters)
A hacker on a park bench could log onto dozens of U.S. government computer networks thanks to slipshod security standards at many agencies, according to a congressional report released on Tuesday. The report by the Government Accountability Office found that few government agencies can ensure that their wireless networks are protected from unauthorized access.
Government agencies shouldn’t set up high-speed wireless broadband networks, known as “Wi-Fi,” until they have figured out a way to secure them, according to guidelines issued by the National Institute for Standards and Technology. But nine of the 24 major agencies haven’t issued wireless-security plans, while many others provided little guidance for acceptable use, the GAO found. Thirteen agencies don’t require their Wi-Fi networks to be set up in a secure manner, and most don’t monitor their wireless activity, the report said.
GAO investigators were able to pick up Wi-Fi signals from outside all of the six agencies they tested, and they were able to find examples of unauthorized activity at all six as well.
Unbelievable.
Basically Wi-fi is unsecure, even if you use WEP encryption. I read on a wifi newsgroup recently where FBI engineers demonstrated their ability to break into a WEP encrypted network in about a minute.
Actually, no, I easily believe it.
WEP is easily crackable now supposedly but most people are lazy and don’t even bother to ratchet the security up for home or business wi-fi. I suspect many govt. agencies just meet the baseline standards for wireless security, if that.
Wardrivers a few years ago in DC demonstrated how open the federal agencies around the Mall were to being invaded via wi-fi and now this news will hopefully make them go past the basic security they installed after the last spate of stories.
“Hey, I’ve got an idea! Let’s put FIVE bullets in the gun!”