Security 'Experts' Aren't So Secure At RSA Conference
Analysts at AirDefense, a wireless monitoring company, ran a scan on wireless devices at the conference Tuesday at the Moscone Center in San Francisco. Of the 347 laptops, smartphones, and hand-held devices they monitored between 9:30 a.m. and 5 p.m., 56% of them weren't secure.
Those devices had been set up to link to insecure wireless access points like those found at hotels and Starbucks cafes. The problem, says Richard Rushing, chief security officer of AirDefense, is that when users are done using the connection, they don't change their devices' policy settings that let them connect to insecure access points. That means when their Blackberrys or laptops are on at the conference center, they could easily hook up to a rogue access point set up by a hacker.
Last year at the RSA conference, AirDefense found that 35% of wireless devices were insecure. But not as many people had wireless devices at the show with them. This year, says Rushing, there are more computers at the show with wireless capabilities, and more of them are at risk.
"It's a little surprising the percentage is actually that high," says Rushing, who is attending the conference "It just shows that there's a huge prevalence of wireless devices, and [people] aren't aware that they're putting themselves at risk."
A hacker could set up a rogue access point and send off a signal pretending to be a legitimate wireless access point. A laptop is set to run through its list of access points every 30 to 90 seconds, depending on its settings. If it comes across a stronger connection, it will simply pick it up. If that's a rogue connection, then the hacker has access to everything that's passing through it.
"It's all about manipulation," says Rushing. "With that connection you made, you're already doomed. You're setting yourself up for trouble. Most people leave the hotel, but that hotel is still in their machines' inner policy. So when they go to the show, they should turn off their wireless or change their policy to remove any access points they're not currently using. If you connect at Starbucks, when you leave, you should hit disconnect instead of just closing the browser."
Rushing adds that hackers know a lot of people aren't aware of the issue, which leaves them at risk. For hackers, this is just "low hanging fruit," he warns, adding that IT managers need to educate their road worriers as soon as they get back in the office.