AirDefense Completes RSA Conference Wireless Network Monitoring; For Third Straight Day More Than Half of Wireless Devices Vulnerable to Attack.SAN FRANCISCO San Francisco (săn frănsĭs`kō), city (1990 pop. 723,959), coextensive with San Francisco co., W Calif., on the tip of a peninsula between the Pacific Ocean and San Francisco Bay, which are connected by the strait known as the Golden -- AirDefense, the innovator and market leader in anywhere, anytime wireless security, today released results from its wireless airwave monitoring on Thursday, February 8, at the RSA Conference The RSA Conference is a Cryptography-related conference held annually in the San Francisco Bay Area. The RSA Conference started in 1991 as a forum for cryptographers to gather and share the latest knowledge and advancements in the area of Internet security. , the world's leading information security conference. For three consecutive days AirDefense studied the wireless LAN A local area network that transmits over the air typically in the 2.4 GHz or 5 GHz unlicensed frequency band. It does not require line of sight between sender and receiver. Wireless base stations (access points) are wired to an Ethernet network and transmit a radio frequency over an area traffic from the show floor. On Thursday, AirDefense discovered 309 out of 547 wireless devices, such as laptops, PDAs, phones and vendor PCs susceptible to "Evil Twin" types of attacks, combined with some of the latest zero-day attacks. In total, 1,137 out of 2,017 wireless devices over a three day period could have easily been compromised. To schedule an interview with Richard Rushing, CSO (Chief Security Officer) The person in charge of all staff members who are responsible for promulgating, enforcing and administering security policies for all systems within an enterprise or division. , AirDefense, call Bill Keeler Keel´er n. 1. One employed in managing a Newcastle keel; - called also keelman ltname>. 2. A small or shallow tub; esp., one used for holding materials for calking ships, or one used for washing dishes, etc. or Mark Cautela at Schwartz Communications at: 781 684-0770. To review the results of wireless airwave monitoring from Wednesday, February 7 and Tuesday, February 6, log onto: http://www.airdefense.net/newsandpress/02_08_07_1.php http://www.airdefense.net/newsandpress/02_07_07.php "It is important for people to understand that the vulnerability of 309 wireless devices on Thursday, 481 devices on Wednesday and 347 devices on Tuesday was not the problem of RSA Conference organizers," said Richard Rushing, CSO, AirDefense. "Any compromised devices at this year's conference resulted from conference attendees whom joined a wireless network through hotels and hotspots that were insecure." AirDefense's wireless airwave monitoring on Thursday discovered more than 90 wireless chipset driver attacks being conducted at the show to compromise inspecting laptops. Denial of Service attacks An assault on a network that floods it with so many additional requests that regular traffic is either slowed or completely interrupted. Unlike a virus or worm, which can cause severe damage to databases, a denial of service attack interrupts network service for some period. slowed down with AirDefense noticing 47 different attacks on Thursday versus 85 on Wednesday trying to disrupt the wireless network, from CTS (1) (Clear To Send) The RS-232 signal sent from the receiving station to the transmitting station that indicates it is ready to accept data. Contrast with RTS. (2) (Common Type System) The data typing used in . flooding of the airwaves to de-authentication types of attacks, to jamming attacks. These were limited in the durations and location of these attacks continued to move about the exposition floor. The types of tools used to attack the network were more sophisticated, an attempt to take advantage of the probing laptops that were discovered on Tuesday and Wednesday. Some attack tools were versions of Karma karma or karman (kär`mə, kär`mən), [Skt.,=action, work, or ritual], basic concept common to Hinduism, Buddhism, and Jainism. , that mimic the Access Point the station is probing for. Other Discoveries on Thursday: * AirDefense noticed that many clients, when connected to an unencrypted network, would disclose information about the organizations networks such as Domain, Authentication Server A device used in network access control. It stores the usernames and passwords that identify the clients logging in, or it may hold the algorithms for token access (see authentication token). , Active Directory, User Name and Computer Name in the clear. Leaking out NetBIOS and IPX (Internetwork Packet EXchange) The network layer protocol in the NetWare operating system. Similar to the IP layer in TCP/IP, it contains a network address and allows messages to be routed to a different network or subnet. traffic was common on these devices. An Attacker could and might have captured the corporate username and authentication hash (password), that the unsuspecting user would have sent over the airwaves. As the laptop is not aware of its location, it does not know if it is at the office, home or hotspot. This has the potential to worsen as the number of laptops and wireless laptops become more prevalent than the corporate computer. * A high percentage (more than 10 percent) of laptops ran unpatched software or had disabled the Firewall on the wireless interface. * The launch of the driver exploit attacks showed that these attacks were used to compromise laptops. The danger of these attacks result because the wireless interfaces just have to be active and a compromise could have taken place with no connection to a Soft AP or Evil Twin. Very few laptops had patched drivers as this is a major update and may not be something that is pushed out in the patch cycle. About AirDefense AirDefense is the market leader in anywhere, anytime wireless security. The company is trusted by more Fortune 500 companies, healthcare organizations and high-security government agencies for enterprise wireless protection than any other company. AirDefense products provide the most advanced solutions for rogue wireless detection, policy enforcement and intrusion prevention See IPS and IDS. , both inside and outside an organization's physical locations and wired networks. Common Criteria-certified, AirDefense enterprise-class products scale to support single offices as well as organizations with hundreds of locations around the globe. Founded in 2001, AirDefense is based in Atlanta, GA, and serves more than 600 government agencies and blue chip corporations. For more information, please visit http://www.airdefense.net or call 770-663-8115. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion