Security Professionals Found Operating Unsecured Networks

By Mark Hoerrner

Sure, keeping a home network secure and free from viral attacks may be the last thing most of us want to worry about, but at least there’s a host of people dedicated to promoting the best practices in network security. At least, that’s what the attendees at the RSA Conference would have told you, but AirDefense, an Atlanta-based computer security firm, found that over half of the conference attendees had not taken the time to secure their own networks.

On the second day of the event, AirDefense noted that 847 wireless devices were in use, and 481 of them, or 57 percent, were vulnerable to attacks from "Evil Twin" and similar attacks. "Evil Twins" are computers that pose as an open-access network so that users will connect to the machine in order for the machine’s owner to have free access to the victim’s computer and the information stored there. An Evil Twin may look exactly like a network the user is used to connecting to, but it is just a cunning spoof of the original. Given the rise in internet banking and online commerce, wireless security becomes a very serious issue to which many people are unfortunately indifferent.

If the pros at the conference aren’t worried about security, then what does that say for the consumer market at large?

"The vulnerability of 481 devices on Wednesday and 347 devices on Tuesday is not the problem of RSA Conference organizers. In fact, they secure the conference network as well as or better than most standard corporate networks," said Richard Rushing, CSO, AirDefense. "The wireless vulnerabilities increase dramatically when conference attendees have joined a wireless network through hotels and hotspots that are insecure."

So that afternoon trip to tie into the free wireless at the local café may cost the consumer a bit more than the cup of latte if a computer becomes compromised. How frequently does something like that take place? During a single day at the conference, the wireless network received more than 80 attacks. Most of these were nuisance attacks designed to disrupt a network, but some were attacks designed to mimic a wireless access point and harvest data from the computer. One such attack attempted to grab eight machines at one time.

Such attacks seek out confidential information—network IDs and passwords, domain and authentication server info and the like so that more destructive intrusions can be made. By the same token, anyone engaging in ecommerce or internet banking could be giving criminals the keys to their entire financial holdings.

Perhaps it’s the misconception that since the wireless network is invisible, users believe the information they send over the network is invisible as well. Amit Sinha, AirDefense’s chief technology officer and a PhD in electrical engineering and computer science, says that most people forget the difference between wireless and cabled networking.

"When you connect to a wireless network, you become part of a large hub," Sinha says. "Everyone can see your traffic if they want to, though they may not understand it if it’s encrypted. On a cabled network, someone has to have physical access to that network."

There are defenses against attack and intrusion, Sinha says.

"At the highest level, they should do what I tell my children: never talk to strangers," he says. "We use a special tool—free to individuals—that helps authenticate the network to which you are connecting."

Even when using specialized software, Sinha says that people should use common sense about what they access while on a public network.

"Be cautious," he says. "Don’t do any banking while at a café. Just surf the web and enjoy your coffee."

He discourages even checking email unless it’s a web-based program that has secure end-to-end encryption. But not even that is the best way to go. Keeping confidential information on a home network is the best idea, but even then, it’s important to make sure the network is secured by a firewall at the very minimum. On top of that, he encourages people to turn on all available security features.

"Most home networks won’t become victims if some protection is in place," he says. "Just like you lock the door to your house to keep your family safe, so should you lock the network you use to conduct business or personal transactions."