AirDefense Discovers More Than Half of 300 Wireless Devices on Show Floor at RSA Conference Vulnerable to Attacks.SAN FRANCISCO San Francisco (săn frănsĭs`kō), city (1990 pop. 723,959), coextensive with San Francisco co., W Calif., on the tip of a peninsula between the Pacific Ocean and San Francisco Bay, which are connected by the strait known as the Golden -- AirDefense, the innovator and market leader in anywhere, anytime wireless security, today unveiled results from its wireless airwave monitoring on Tuesday, February 6 at the RSA Conference The RSA Conference is a Cryptography-related conference held annually in the San Francisco Bay Area. The RSA Conference started in 1991 as a forum for cryptographers to gather and share the latest knowledge and advancements in the area of Internet security. , the world's leading information security conference. AirDefense studied the wireless LAN A local area network that transmits over the air typically in the 2.4 GHz or 5 GHz unlicensed frequency band. It does not require line of sight between sender and receiver. Wireless base stations (access points) are wired to an Ethernet network and transmit a radio frequency over an area traffic throughout the day Tuesday and found more than half of the 347 wireless devices, such as laptops, PDAs, phones and vendor PCs susceptible to "Evil Twin" types of attacks, combined with some of the latest zero-day attacks. In total, 56 percent of the 623 devices in use could have easily been compromised. To speak to AirDefense regarding their findings stop by the AirDefense booth # 2146, or to schedule an interview with Richard Rushing, CSO (Chief Security Officer) The person in charge of all staff members who are responsible for promulgating, enforcing and administering security policies for all systems within an enterprise or division. , AirDefense, call Bill Keeler Keel´er n. 1. One employed in managing a Newcastle keel; - called also keelman ltname>. 2. A small or shallow tub; esp., one used for holding materials for calking ships, or one used for washing dishes, etc. or Mark Cautela at Schwartz Communications at (781) 684-0770. "Evil Twins" are the wireless version of email phishing scams, a technique whereby an attacker tricks victims into connecting to a laptop or PDA (Personal Digital Assistant) A handheld computer for managing contacts, appointments and tasks. It typically includes a name and address database, calendar, to-do list and note taker, which are the functions in a personal information manager (see PIM). by posing as a legitimate hotspot. Zero-day attacks take advantage of new flaws in software programs, such as Internet Explorer Microsoft's Web browser, which comes with Windows starting with Windows 98. Commonly called "IE," versions for Mac and Unix are also available. Internet Explorer is the most widely used Web browser on the market. It has also been the browser engine in AOL's Internet access software. , that can compromise devices that have yet to be fixed by the vendor. "There is a massive increase in the insecurity of laptops and wireless devices at this year's RSA Conference and the irony is that at the world's leading security conference many are not taking the security issue seriously at all," said Richard Rushing, chief security officer, AirDefense. "Connecting wireless devices to insecure wireless networks greatly increases the chances of a breach due to insecure settings for other networks such as hot spots hot spots acute moist dermatitis. , hotels, airports and homes. No matter how strong the network is, today's hacker is patient and doesn't attack the device but waits for their victims to come to visit them." Other Interesting Findings: * AirDefense discovered 70 devices participating in Ad-Hoc networks (Peer-to-Peer) using common SSID's (Service Set Identifiers) such as "Free Public WiFi," "Free Internet Access" and "Linksys." Not only is this a security issue, typically this means that no firewall is present on the wireless interface or it is an un-patched Windows system. In other words Adv. 1. in other words - otherwise stated; "in other words, we are broke" put differently , low hanging fruit for an attacker. * Overall, there was a lack of pre-802.11n equipment, such as consumer access points, which can be purchased in many electronics stores. Only 12 of those devices were discovered and this might be due to limited or lack of built in pre 802.11n support on Laptops. * From the Halls connecting the exposition areas to the exposition floor, AirDefense discovered 30 devices pretending to be Access Points (Soft-AP) and 2 of them were pretending to be the Conference Network. One device was setup with a self-sign certificate, to mimic the conference authentication server. Five others were mimicking common hotspots, such as "tmobile," "IBANN," "STSN STSN Seaman, Sonar Technician Striker (Naval Rating) STSN Set and Test Sequence Number " and several local hotels. * Denial of service attacks were seen across the airwaves, from CTS (1) (Clear To Send) The RS-232 signal sent from the receiving station to the transmitting station that indicates it is ready to accept data. Contrast with RTS. (2) (Common Type System) The data typing used in . flooding of the airwaves to de-authentication types of attacks against devices. These were limited in the durations and location of these attacks. AirDefense noticed and alerted 57 different attacks trying to disrupt the network. * Scanning of the wireless network was seen on a regular basis using tools like NetStumbler, among others, to discover the access points. * From all of the laptops and other devices in the airwaves, AirDefense discovered 45 of these had altered their MAC addresses. This is done to either blend into the environment or hide the true identity of the device. * The security performance of the exposition floor was extremely poor as one out of three packets had to be retransmitted due to the congestion The condition of a network when there is not enough bandwidth to support the current traffic load. congestion - When the offered load of a data communication path exceeds the capacity. in the airwaves. About AirDefense AirDefense is the market leader in anywhere, anytime wireless security. The company is trusted by more Fortune 500 companies, healthcare organizations and high-security government agencies for enterprise wireless protection than any other company. AirDefense products provide the most advanced solutions for rogue wireless detection, policy enforcement and intrusion prevention, both inside and outside an organization's physical locations and wired networks. Common Criteria-certified, AirDefense enterprise-class products scale to support single offices as well as organizations with hundreds of locations around the globe. Founded in 2001, AirDefense is based in Atlanta, GA, and serves more than 600 government agencies and blue chip corporations. For more information, please visit http://www.airdefense.net or call 770-663-8115. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion