Wireless conferences bring out the best in new technologies and devices. They also bring out hackers, who typically find it easy to eavesdrop and intercept wireless transmissions -- including a lot of corporate e-mails and other sensitive data broadcast over airwaves.
Wireless LAN security provider AirDefense spent four hours last month monitoring wireless traffic at Atlanta's CTIA, one of the largest wireless conferences in the country. The George World Congress Center was equipped with 216 access points, 24 "soft APs" (laptops that function as access points), 609 user stations, 969 Bluetooth devices and 42 ad-hoc networks.
Within that small slice of time, AirDefense monitors picked up 25 identity theft attacks on a T-Mobile and Cisco-sponsored Hotspot, where intruders basically were lifting IDs of insecure users to connect to the network for free. Forty-five specific scans tried to compromise the Hotspot network. In addition, almost 250 network scans were performed and 126 user stations sent out unanswered probe requests.
AirDefense also recorded six denial-of-service attacks, 48 instances of bluesnarfing and almost 400 bluejack attacks to compromise Bluetooth-enabled devices. Some bluejack attacks included an added bonus: the Mydoom worm and two other lesser known viruses.
All this doesn't really surprise Richard Rushing, CSO of AirDefense, who's conducted these tests for a few years.
"E-mail always shocks me," he said this week. "Less than 10% used encryption [at this show] to check their corporate e-mail, which meant anyone could see the rest. Most other wireless conferences average a higher number using encryption, but it's still usually under 15%."
Rushing believes the lure of free service compels people to forget common sense. He likened it to free candy on the reception desk. "People take it, and when you have free wireless at these shows, people use it. And unfortunately a lot of times they use it insecurely."
Often, corporate users are just ignorant to the risks of wireless communication outside the office. Others find their VPNs may not work in a different environment and decide the need for information overrides the security risks.
While some of the recorded attacks may have been intentional -- as part of a vendor demonstration -- Rushing believes, based on past conference analyses, that the culprits are more likely in the nearest coffee shop or upscale hotel with wireless connectivity.
"Wireless is one of those new hacker havens. People don't give out a lot of information about it because if it becomes too dangerous, people will actually stop using it," he explained.
"There's also the downtime at the show. Someone's bored and wants to see what's going on. So you have people conducting vulnerability assessments against other machines -- because they can," he added.
Security managers and administrators should pay closer attention to wireless use and make sure it is included in security policies--and enforced. Make sure everyone knows to use a VPN or other encryption tool to secure transmissions. And make sure end users understand that even after the laptop leaves the premises, it's still part of the corporate network and, as such, puts that network at risk with insecure communications.
"One of the big things organizations fail to realize is wireless doesn't end at my walls," Rushing concludes. "It goes wherever any of my wireless devices are configured to operate and the networks are."