Risk Assessment for Cybertrans Ltd., Research Paper

The diffused infrared configuration however, uses a transmitter that fills a given office space with signals. The signal receiver can then be located anywhere in the office area in order to successfully receive the IR signal.

The Spread spectrum LANs

This form of arrangement utilizes the multiple-cell configuration. Each of the cells are appropriately assigned a unique center frequency that lies within a specific band in order to avoid signal interference. This transmission technique makes use of two methods; frequency hopping as well as direct sequence modulation

The Frequency hopping method uses signals that jumps from a given frequency to the other within a specific bandwidth. The transmission unit then "listens" to a give channel and if successfully detects any idle time (a time when no signal is transmitted),then transmits the packet via the full channel bandwidth .In case a channel is deemed "full," the transmitter then "hops" to the next channel and then the process is repeated. Both the transmitter and the receiver have the same "jumping" behavior.

In the case of Direct Sequence Modulation, a wide frequency band as well as Code Division Multiple Access (CDMA) is utilized. The signals from various units (multiple) are then transmitted at a certain range of frequencies at relatively lower power. With each signal transmitted, there is a code to be used by the receiver in the identification of the appropriate signal from the sending unit. This frequency falls within the industrial, scientific and medical (ISM) band.

The Narrow and Microwave Local Area Networks (LANs)

This type of LAN is implemented using narrow bandwidth microwaves frequencies in the transmission of signals. Most of the equipment using this bandwidth range needs licensing from FCC. They employ 18.82-19.205GHz of frequency spectrum (radio).

There are;

The Licensed narrow radio frequencies which involves the use of narrowband frequency schemes that employ cell configuration whereby the cells that are adjacent employ nonoverlapping bandwidths that lie within the 18 Ghz band. An advantage of this scheme is that it allows foir a guaranteed communication that has no form of interference. The communication channels are also highly encrypted in order to eliminate threats of unauthorized data interception (eavesdropping).

The unlicensed Narrow RF also operates within the ISM spectrum and can be employed for transmissions of power less than 0.5 watts.

A comparison of the techniques of Wireless transmission

Source: Burrell (2002)

The Wireless LAN Topologies

The WLAN makes use of three main topologies;

These are

1. Basic Service Set (BSS)

2. Independent Basic Service Set (IBSS)

3. Extended Service Set (ESS)

A further classification involves two modes. Namely, the ad hoc and infrastructure modes.

Wireless topologies. Source- Burell (2002).

WLAN Security threats and vulnerabilities

A close examination of the WLAN systems reveals a system that is not entirely safe from threats. The WLAN attacks are aimed at interfering with the confidentiality, integrity and availability of the system and the data within it. These security attacks can come in the form of active or passive attacks.

The passive attacks;

These attacks are made up of unauthorized data WLA system access for the purpose of either traffic analysis or eavesdropping. It can also be for the purpose of modifying the content of the data traffic and therefore interfering with its integrity. The passive network attacks are hard to detect as the data is often unaffected. This therefore calls for prevetion efforts such as encryption other than detection.

Active attacks

These forms of network attacks involves the unauthorized access of WLAN resources for the purpose of malicious data modification or the interruption of the given network service (Jeopardizing the availability of the system).

Classification of WLAN attacks

Source: Sunday (2008).

The security risks include;

1. WLAN Network Detection

2. Disruption

3. Radio Frequency Signal Limiting

4. Interference

5. Data Interception

6. Denial of Service

7. Compromised Devices

8. Illegal Access Point deployment

9. Insider Threat

10. Unauthorized Network Access.

Wireless LAN security risks and mitigation techniques

Security Vulnerability

The relative level of risk

Low High

Mitigation technique

WLANs detection

Propagation of RF signals

Interference as well as Disruption of RF

Unauthorized system access

Interception of data

Denial of service (DoS)

Compromised network devices

Deployment of illegal access points

Threats from insiders

Table 2: Wireless VoIP Risk Assessment and mitigation

Overview of VoIP

1. VoIP has the similar security threats like any other IP data networks as well as other new ones

2. The traditional information technology security products are never equipped with the right systems to address the challenges that face the security framework of voice systems.

Materna (2009) points out the following as current status of VoIP.

1. VoIP is different from the traditional data security systems

2. VoIP is a real-time system

3. VoIP is a mission-critical service

4. VoIP is faced with malicious activities that are voice specific

5. VoIP presents a new front of cyber attacks

On the Application side

On the side of the devices

On the part of the protocols

The VoIP technology is still in its early stages of deployment. This therefore means that there are few recorded incidents as well as more unpublished ones.

A typical PBX deployment. Source-Materna (2009)

A typical IP Vice center

In a VoIP system confidential data is collected, stored and also transmitted via the VoIP infrastructure. There are serious breaches caused by the complex flow of calls and the infrastructure. Outsourcing increases this risk.

The security threats

In a VoIP system there are several vulnerabilities and exploits caused by the complex permutation and numerous attack vectors as shown below. This is illustrated by Materna (2009) in the diagram below.

Source: Materna (2009)

Recommendations

For the wireless LAN, mitigation should be put in place as shown in table 2. Organizations must also proactively prevent the risks by installing firewalls and intrusion detection systems. An elaborate security policy must also be adopted and adhered too in all organization that deploy WLAN for their operations. As for the VoIP there should be;

Prevention

Through, assessment of compliance to security policies, vulnerability and risk assessment as well as patching.

Protection

Using a perimeter such as Firewall, SPIT, IPS and Internal protection using NAC, HIPS and Encryption. People should also be educated in order to increase their awareness of the risks associated with the VoIP security vulnerabilities. It is appropriate to outsource the hosting of the tracking servers due to the high cost and risk involved. This is also due to the fact that the operation of the server is mission critical.

Conclusions

Cybertrans should upgrade its services in order to meet the current industry stands of compliance. A risk assessment is necessary in order to ensure that the systems are operational 24 hours a day.

References

Bruce, WR (2002).Wireless LANs End to End, Ron Gilster (ed.), John Wiley & Sons.

Burell, J (2002) 'Wireless Local Area Networking: Security Assessment and Countermeasures: IEEE 802.11 Wireless Networks', Dec. 2002, retrieved 22 March

2011, < http://telecom.gmu.edu/sites/default/files/publications/Jim-Burrell-December-2002.pdf>

Cisco (n.d)"Cisco HWIC-AP WLAN Module for Cisco 1800 (Modular), 2800 and 3800."

http://www.cisco.com/en/U.S./products/ps5949/products_data_sheet0900aecd8028cc7b.html

Cisco (2003).2003 Wireless LAN Benefits Study. Available online at http://newsroom.cisco.com/dlls/2003_NOP_WLAN_Benefits_Study.pdf

Cisco (2005). Cisco 7920 Wireless IP Phone Design and Deployment Guide. Available online at http://www.cisco.com/en/U.S./docs/voice_ip_comm/cuipph/7920/5_0/english/design/guide/wrlsddg.pdf

Materna, B (2009). VoIP Security Best Practices. Presented at Miami Beach Convention Center

on 04/02/2009.

Available online at http://images.tmcnet.com/expo/east-09/presentations/u303-materna-voipshield.ppt

Methos Consulting (2011). WebTMC:a WWW Server Dedicated to Owasys Systems

http://www.methosconsulting.co.uk/index.php/component/content/article/71-atn2

PC Magazine (n.d).Risk Assessment.

Available online at http://www.pcmag.com/encyclopedia_term/0,2542,t=risk+assessment&i=50556,00.asp

Sunday, NA (2008).Wireless Local Area Network (WLAN): Security Risk Assessment and Countermeasures.

http://www.bth.se/fou/cuppsats.nsf/all/2cf7d7f61e47ae4ec1257514004fce3f/$file/WLAN_Security%20Risk%20Assessment%20and%20Countermeasures.pdf