McAfee Inc. released information on a proof-of-concept iPad exploit involving a man-in-the-middle attack using a rogue access point. Is this technique a concern for enterprises, and is it a sign of things to come for iPads?
The McAfee presentation (which was originally presented at the vendor's FOCUS 11 conference), involving a man-in-the-middle attack using a rogue access point is a concern for enterprises and home users. Here's how such an attack is initiated: When the user browses the Web, the Jailbreakme attacks and tools are used to jailbreak the iPad and set up a VNC server to remotely connect to the system. The attacker is able to completely take over the system once a victim connects to the rogue access point, and it's accomplished by using a fraudulent certificate that exploits a vulnerability in iOS.
Ask the expert!
Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous.)
The Jailbreakme website and attacks have been around for several years and are gaining additional traction as more Mac mobile devices are sold. As Apple Inc. clamps down on its App Store, and users decide they want more control or functionality that Apple doesn't deem suitable for its ecosystem, more exploits and jailbreaks will be developed to give users the control and functionality they desire.
This specific attack relies on a user connecting to an unsecured wireless network. All the other steps will fail if the user does not connect to the unsecured network. Enterprises either need to lock their iPads and similar devices so they can only connect to secure wireless networks, or educate their users on the risks of connecting to unsecured wireless networks. IT can ensure this from a policy perspective by mandating use of a VPN when connecting to an unsecured wireless network, thus reducing the risk of an SSL man-in-the-middle attack. This assumes, however, that the VPN is not vulnerable to such unlikely attacks as well. Users on IPSec VPNs are not at risk to SSL man-in-the-middle attacks, but SSL-VPNs have been vulnerable to such methods. So, while not a cure-all, SSL VPN use can reduce the likelihood of such an attack.
This was first published in September 2012