IT Crime
Wireless technology

Description

As the name suggests, a wireless local area network (WLAN) is one to which a computer can be connected without wires by means of so-called 'access points' or radio stations distributed throughout a building. Each access point has a particular range and serves a maximum number of clients.

A significant characteristic of WLAN is that a user has to share an access point with several other clients. This is known as 'shared media'. Multiple computer users use the same bandwidth and can listen in on all messages which are sent to and from the access point.

In 1999, Apple was the first major hardware company to introduce a wireless system for computers and printers in offices. The transmitter/receiver was named 'Airport' and was based on the open wireless local network standard, 802.11b, originally called Wave-LAN. Since then, a local area network (LAN) based on this standard has become known as a WLAN.

Since WLAN was developed for local networks such as computers on an office floor, its maximum theoretical open-air radio range is 12 kilometres, but 50 metres is the maximum range usually achievable in offices. Data which is sent or received by a computer is transmitted at a maximum speed of 11 Mbps.

A 'hotspot' is a place where WLAN access is offered to all, either paid or free of charge. Hotspots are already common in places such as airports and hotels, and are now being deployed more widely, including in the open air.

Criminal possibilities

Radio communication differs from wired communication because of the transmission medium. Access to data transmitted by cable is relatively simple to control. Unless very sophisticated equipment is used, data on a cable cannot be retrieved without physical access to the cable. Radio waves form the transmission medium for wireless communication. These waves are emitted in all or most directions from a transmitter. Transmitter output decreases in line with the distance from the source. The radius of effective propagation is smaller in built-up areas and is difficult to estimate. Even though propagation can be partially controlled by the choice of antenna and transmitter output, the range of wireless communication in private networks does not stop at the wall of a building. In practice, this means that data transmitted by a company or institution using wireless communication can often be received on public property.

Four factors make today's widespread wireless computer networks based on IEEE 802.11b considerably less safe than wireless telephones:

1. The data in computer networks contain a much wider range of information than in telephone conversations.
   
   
2. Because the data is electronically available, it requires no special technology to save and filter for items of interest.
   
   
3. Networks potentially enable access to much more information. It is often possible via Wave-LAN to circumvent a company's firewall, thereby gaining unfettered access to the company's internal network.
   
   
4. While tapping wireless telephones requires sophisticated technology, the only thing that is necessary to access wireless computer networks is a widely available adaptation of the network software.

Here are some possible scenarios of unauthorised access to a private WLAN:

Internet

An unauthorised user could use another individual's Internet access, which would guarantee the unauthorised user a great degree of anonymity. In addition to the costs involved, all of the unauthorised user's actions on the Internet – including possible criminal offences – would appear to originate from the individual whose Internet account had been unlawfully accessed.

Monitoring communication

An unauthorised person could monitor communication within a wireless network and possibly elsewhere within the same company's network.

Data theft

The fact that an unauthorised user could access a network from inside means that he or she will very likely be able to read data within the network which could not otherwise be accessed from outside.

Data manipulation

An unauthorised user could change data which has already been saved or is being transmitted.

In addition to these illicit uses of a private WLAN, a client who uses a hotspot to transmit unencrypted data opens up the possibility for criminals to monitor - and possibly even modify - that data. There are also possibilities for criminals to piggy-back on communications to get inside corporate networks.

In the future

IEEE 802.11b, with its maximum transmission rate of 11 Mbps, is presently used in nearly all hotspots worldwide. The effective bandwidth this standard offers the user is sufficient at present for conventional applications such as the web and e-mail.

The speed of WLAN will continue to increase in the future until an equivalent to the widespread existing 802.3 100 Mbps network is available. The individual user will have more bandwidth at the hotspot and will be able to use more bandwidth-intensive applications such as voice over Internet protocol, video conferencing and video streaming.

Hotspots will spread more rapidly and become established in all areas of public life where mobile Internet access is attractive. In the future, the user will be able to receive information without delay nearly everywhere. Since communication technologies such as UMTS and GPRS will become integrated, more and more private clients will use hotspots in the future as opposed to mainly business users today. However, it is not clear if the increased use of hotspots will be accompanied by corresponding awareness of their related security issues.