Follow Tweet This Facebook LinkedIn

Main menu

Skip to secondary content
Menu
  • Tech News
    • Last 48 Hours
    • Analytics
    • Artificial Intelligence
    • Careers
    • Cloud
    • Digital Transformation
    • Ecommerce
    • Education
    • Emerging Tech
    • Infrastructure
    • IT Workplace
    • Leadership
    • Managed Services & Outsourcing
    • Marketing
    • Mobility
    • Opinion
    • Privacy & Security
    • Public Sector
    • Software
    • Wireless & IoT
    • Women in Technology
    • Work from home
  • Resources
    • Reports and Whitepapers
    • News for CIOs
    • CIO Census
    • Digital Security Zone
    • Webinar Highlight Reports
    • Roundtable Highlight Reports
    • 2020 IT Salary Calculator
    • AI Directory
    • ITWC Talks
    • Featured Partner Content Hubs
    • Digital Magazines
    • Blogs
  • Events
    • CANADA’S TOP WOMEN IN CYBERSECURITY
    • CIO OF THE YEAR
    • MapleSEC
    • UPCOMING EVENTS
    • FLAGSHIP EVENTS
    • VIrtual Events
    • Webinars
    • Roundtables
    • All IT World Canada Events
  • Videos
    • President to President
    • All Tech Videos
  • Podcasts
    • Cyber Security Today
    • #Hashtag Trending
    • CMO Talks
    • ITWC Podcast Network
  • Engage
    • Blogger Opportunities
    • 2020 Vision
    • Gartner Corner
    • About Us
    • Privacy Policy
    • Contact Us
  • Subscribe
#TRENDING
  • Analytics
  • Women in Tech
  • MapleSEC
  • Work from home
  • Morning Briefing
  • Cloud
  • Technicity WEST

OUCH! Free Content gets hurt by enabled Ad Blockers

Please consider unblocking us or Subscribe in support of our great non-gated content.
Wi-Fi hacks are getting more serious
Cloud Emerging Tech

Wi-Fi hacks are getting more serious

Peter Judge
Peter Judge
@itworldca
Published: December 28th, 2003

Any trade show is an opportunity for security specialists to demonstrate their skills, and last month’s Wi-Fi Planet event was no exception. AirDefense Inc. monitored all Wi-fi traffic at the show and found hackers skills are advancing, while many users are still ignorant of known security issues.

In a single day at the conference, AirDefense observed 21 attempted man-in-the-middle attacks (these attempt to hijack a VPN users’ Wi-Fi connection). Frighteningly, 16 of these were successful — a massive increase on a day at the previous Wi-Fi Planet conference in June, when only three attempts out of 32 succeeded.

“Wireless LAN hacking tools have always been widely available, but they required knowledgeable techies to use them correctly,” said AirDefense vice-president Richard Rushing. “As wireless LANs have grown in popularity, these tools have become easier to use and reap more harmful results.”

Part of the problem is that standards for Wi-Fi security are still complex.

As well as man-in-the-middle attacks, the company recorded 33 other hacks including attempts to break the Extensible Authentication Protocol (EAP), and Cisco Systems Inc.’s version, the Lightweight Extensible Authentication Protocol (LEAP), some of which got users’ passwords by brute force.

There were 75 denial-of-service attacks on access points, and there were 12 occasions when hackers attempted a DoS-cloud attack that can de-authenticate everyone on a specific channel. MAC spoofing was picked up 125 times.

Despite all this, the users were seriously unprepared. Only six per cent of corporate e-mail downloads were conducted through a virtual private network (VPN).”Without a secure connection to an enterprise e-mail account, a wireless station exposes the e-mail account name and password to anyone passively sniffing the WLAN traffic,” Rushing said. “Anyone who downloaded e-mail at the conference should change their password immediately.”

There were plenty of ad hoc networks — 89 laptops had ad hoc networking switched on, which could potentially allow hackers to access them. One hacker tricked at least 10 delegates with an ad hoc network using the SSID “wifiplanet” so it looked like the official conference network.

If trade shows are a measure of where technology can go next, then there is plenty of evidence that even technically aware users are not doing all they could — and also what can be done with enough resources. At the IT Forum event for IT managers, held by Microsoft Corp. earlier in November in Copenhagen, the show network included free Wi-Fi access.

Microsoft ran a team of enforcers, who tracked down and forcibly upgraded any user who had a laptop that was insecure and pumping viruses onto the network. “We found one Typhoid Mary with seven viruses,” said Andrew Cheeseman, technical Manager for the EMEA events team at Microsoft.

Would you recommend this article?

0
0
Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
Tweet This Facebook LinkedIn
Cloud, Emerging Tech e-mail account, security, viruses
Red Hat users to get better storage capability
Red Hat users to get better storage capability
EMC shapes plans for VMware
EMC shapes plans for VMware

Related Content

Sponsored By: Ricoh

Security incident forces firm to consider its MSP options

Technicity WEST: Building on COVID’s silver lining

Five reasons to use cloud virtual desktops to support the hybrid workforce

Sponsored By: Schneider Electric

The future of edge computing revealed

Tweets by itworldca

Follow
Tweet This Facebook LinkedIn google+

Subscribe
Resources CanadianCIO Digital Security CMO Digital CDN Magazine IT Salary Calculator LightningPR Webinars and Events Tech Research Partner Content
IT World Canada Community About Us Contact Us Technology Videos IT News IT Blogs Mobility News Cloud Computing Technology Topics ITWC Talks
ITWC Websites ITWC.ca Channel Daily News.com IT World Canada.com IT Business.ca Direction Informatique.com
© 2021 IT World Canada