You might think attendees at a security conference would take extra
precautions to ensure their notebook’s safety. Think again.
According to mobile security vendor AirDefense, some 56 percent of 623 wireless devices at the RSA
conference in San Francisco were susceptible to attacks based on its
study of wireless traffic at the show Tuesday.
But AirDefense puts the blames on users, not conference organizer RSA.
“RSA does a good job of providing a secure network as good as any
standard corporate network,” Richard Rushing, chief security officer at
AirDefense, told internetnews.com.
The problem, Rushing said, is that among the thousands of attendees with notebook computers, PDAs and other wireless devices, most are vulnerable to attack because they use or maintain an open access wireless account separate from the conference network.
“People are using wireless, which is a good thing,” said Rushing, “but
they’re connecting at hotels and hotspots in an insecure manner.” Even if
the user intends to use a secure network as a main point of access, these
open accounts, if not deleted from a user’s preferred list of network access
points, can be exploited.
Specifically, Rushing said AirDefense identified 70 devices onsite at the
conference participating in ad-hoc, peer-to-peer
(define) networks using common SSID’s (Service Set
Identifiers) (define) such as “Free Public WiFi,” “Free Internet
Access” and “Linksys.” Use of these networks typically means no firewall is
present on the wireless interface, or it is an un-patched Windows system
that can be readily exploited.
“It’s low-hanging fruit for attackers,” said Rushing.