McAfee Inc. released information on a proof-of-concept iPad exploit involving a man-in-the-middle attack using...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
a rogue access point. Is this technique a concern for enterprises, and is it a sign of things to come for iPads?
The McAfee presentation (which was originally presented at the vendor's FOCUS 11 conference), involving a man-in-the-middle attack using a rogue access point is a concern for enterprises and home users. Here's how such an attack is initiated: When the user browses the Web, the Jailbreakme attacks and tools are used to jailbreak the iPad and set up a VNC server to remotely connect to the system. The attacker is able to completely take over the system once a victim connects to the rogue access point, and it's accomplished by using a fraudulent certificate that exploits a vulnerability in iOS.
Ask the expert!
Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous.)
The Jailbreakme website and attacks have been around for several years and are gaining additional traction as more Mac mobile devices are sold. As Apple Inc. clamps down on its App Store, and users decide they want more control or functionality that Apple doesn't deem suitable for its ecosystem, more exploits and jailbreaks will be developed to give users the control and functionality they desire.
This specific attack relies on a user connecting to an unsecured wireless network. All the other steps will fail if the user does not connect to the unsecured network. Enterprises either need to lock their iPads and similar devices so they can only connect to secure wireless networks, or educate their users on the risks of connecting to unsecured wireless networks. IT can ensure this from a policy perspective by mandating use of a VPN when connecting to an unsecured wireless network, thus reducing the risk of an SSL man-in-the-middle attack. This assumes, however, that the VPN is not vulnerable to such unlikely attacks as well. Users on IPSec VPNs are not at risk to SSL man-in-the-middle attacks, but SSL-VPNs have been vulnerable to such methods. So, while not a cure-all, SSL VPN use can reduce the likelihood of such an attack.
Dig Deeper on Network intrusion detection and prevention (IDS-IPS)
Related Q&A from Nick Lewis
The OurMine hacking group recently used DNS poisoning to attack WikiLeaks and take over its web address. Learn how this attack was performed from ...continue reading
Typosquatting was used by threat actors to spread malware in the NPM registry. Learn from expert Nick Lewis how this method was used and what it ...continue reading
Threat actors are using phishing email campaigns to fool users with tech support scams and fake Blue Screens of Death. Learn how these campaigns work...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.