AirDefense Monitors Wireless Airwaves at RSA Conference.SAN FRANCISCO San Francisco (săn frănsĭs`kō), city (1990 pop. 723,959), coextensive with San Francisco co., W Calif., on the tip of a peninsula between the Pacific Ocean and San Francisco Bay, which are connected by the strait known as the Golden -- Company Reports Significant Increase in Hackers Attempting to Create Fraudulent Access Points AirDefense, the leader in anywhere anytime wireless monitoring, today reported that during its monitoring of the wireless airwaves airwaves Noun, pl Informal radio waves used in radio and television broadcasting at the RSA Conference The RSA Conference is a Cryptography-related conference held annually in the San Francisco Bay Area. The RSA Conference started in 1991 as a forum for cryptographers to gather and share the latest knowledge and advancements in the area of Internet security. , hackers have increased their attempts to create fraudulent Access Points, which in turn can put wireless users at greater risk of becoming victims of identity theft. This is a significant shift in wireless threats from the traditional scanning and sniffing of the airwaves that has been monitored by AirDefense at previous conferences. The shift indicates that wireless users and intruders are leveraging more sophisticated hacking tools and techniques. AirDefense also identified 32 "Evil Twin" attacks. "Rather than simply scanning for and identifying access points, people are now imitating access points," said Richard Rushing, chief security officer for AirDefense. "The same holds true for identity theft -- hackers have realized the value is in trying to become the access point or station, not merely finding one." The RSA Conference, the most prestigious information security event of the year, paid great attention this year to ensuring conference attendees would have a secure wireless network. For the first time, RSA (1) (Rural Service Area) See MSA. (2) (Rivest-Shamir-Adleman) A highly secure cryptography method by RSA Security, Inc., Bedford, MA (www.rsa.com), a division of EMC Corporation since 2006. It uses a two-part key. issued digital credentials to full conference pass attendees. These attendees could use their registered email address See Internet address. and a random, computer-generated password assigned to each attendee to access the wireless network. Although the network created by RSA was secure, the conference attendees were still susceptible to wireless threats because their wireless devices were probing for profiles they use at work, at home, or at hotspots such at T-Mobile. On average, AirDefense found stations were probing for four additional networks on top of the one they were currently connected to. "We cannot stress how important it is for wireless users to clear their profile of Access Points on a regular basis," added Rushing. "Wireless, by design, will always connect with the strongest signal, even if that means abandoning a secure connection." Hackers benefited from the probing stations, creating 71 ad hoc networks See mobile ad hoc network. and staging 48 different AP phishing attacks on 335 susceptible stations. A subset of AP phishing, AirDefense identified 32 "Evil Twin" attacks mimicking the hotspots "RSA2005," "Wayport," and "T-Mobile." AirDefense also identified : --116 Different attempts to spoof See spoofing. spoof - spoofing MAC addresses --15 Devices running NetStumbler --30 Devices running other active scanning software --45 Denial of Service attacks An assault on a network that floods it with so many additional requests that regular traffic is either slowed or completely interrupted. Unlike a virus or worm, which can cause severe damage to databases, a denial of service attack interrupts network service for some period. against access points --35 Denial of Service attacks to stations using tools like Airjack In terms of connectivity, AirDefense identified 65 access points in the exhibit hall, with the authorized RSA wireless network accounting for only 10 percent of the total access points. AirDefense identified an additional 28 unauthorized access points connected to the conference infrastructure. These "open" vendor networks accounted for 78 percent of all traffic sent to the wired network connected to the internet, indicating user indifference for a secure connection. "The unauthorized APs on the RSA network is no different than what we see in the enterprise environment," said Anil Khatod, CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. of AirDefense. "Organizations will spend the time and energy to maintain an authorized wireless LAN A local area network that transmits over the air typically in the 2.4 GHz or 5 GHz unlicensed frequency band. It does not require line of sight between sender and receiver. Wireless base stations (access points) are wired to an Ethernet network and transmit a radio frequency over an area , however a single rouge Access Point provides users with instant insecure access. Without monitoring and active defenses in place, organizations have no way to ensure misconfigured devices are corrected and rogue clients and APs are removed." About AirDefense AirDefense is the market leader in anywhere, anytime wireless security and monitoring. The company's products provide the most advanced solutions for rogue wireless detection, policy enforcement and intrusion prevention See IPS and IDS. both inside and outside an organization's four walls. AirDefense's enterprise-class products scale to support everything from single offices to organizations with hundreds of locations. Founded in 2001, AirDefense is based in Alpharetta, GA and services hundreds of government agencies and blue chip corporations. For more information, please visit http://www.airdefense.net or call 770.663.8115. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion