Highlights    Press Releases    In the News    Media Clips    Press Box    Events    Testimonials 

Press Releases

AirDefense Completes RSA Conference Wireless Network Monitoring; For Third Straight Day More Than Half of Wireless Devices Vulnerable to Attack

RSA Conference―San Francisco―February 9, 2007 – AirDefense, the innovator and market leader in anywhere, anytime wireless security, today released results from its wireless airwave monitoring on Thursday, February 8, at the RSA Conference, the world’s leading information security conference. For three consecutive days AirDefense studied the wireless LAN traffic from the show floor. On Thursday, AirDefense discovered 309 out of 547 wireless devices, such as laptops, PDAs, phones and vendor PCs susceptible to “Evil Twin” types of attacks, combined with some of the latest zero-day attacks. In total, 1,137 out of 2,017 wireless devices over a three day period could have easily been compromised.

To schedule an interview with Richard Rushing, CSO, AirDefense, call Bill Keeler or Mark Cautela at Schwartz Communications at: 781 684-0770. To review the results of wireless airwave monitoring results from Wednesday, February 7 and Tuesday, February 6, log onto:
http://www.airdefense.net/newsandpress/02_08_07_1.php
http://www.airdefense.net/newsandpress/02_07_07.php

“It is important for people to understand that the vulnerability of 309 wireless devices on Thursday, 481 devices on Wednesday and 347 devices on Tuesday was not the problem of RSA Conference organizers,” said Richard Rushing, CSO, AirDefense. “Any compromised devices at this year’s conference resulted from conference attendees whom joined a wireless network through hotels and hotspots that were insecure.”

AirDefense’s wireless airwave monitoring on Thursday discovered more than 90 wireless chipset driver attacks being conducted at the show to compromise inspecting laptops. Denial of Service attacks slowed down with AirDefense noticing 47 different attacks on Thursday versus 85 on Wednesday trying to disrupt the wireless network, from CTS flooding of the airwaves to de-authentication types of attacks, to jamming attacks. These were limited in the durations and location of these attacks continued to move about the exposition floor. The types of tools used to attack the network were more sophisticated, an attempt to take advantage of the probing laptops that were discovered on Tuesday and Wednesday. Some attack tools were versions of Karma, that mimic the Access Point the station is probing for.

Other Discoveries on Thursday:

  • AirDefense noticed that many clients, when connected to an unencrypted network, would disclose information about the organizations networks such as Domain, Authentication Server, Active Directory, User Name and Computer Name in the clear. Leaking out NetBIOS and IPX traffic was common on these devices. An Attacker could and might have captured the corporate username and authentication hash (password), that the unsuspecting user would have sent over the airwaves. As the laptop is not aware of its location, it does not know if it is at the office, home or hotspot. This has the potential to worsen as the number of laptops and wireless laptops become more prevalent than the corporate computer.
  • A high percentage (more than 10 percent) of laptops ran unpatched software or had disabled the Firewall on the wireless interface.
  • The launch of the driver exploit attacks showed that these attacks were used to compromise laptops. The danger of these attacks result because the wireless interfaces just have to be active and a compromise could have taken place with no connection to a Soft AP or Evil Twin. Very few laptops had patched drivers as this is a major update and may not be something that is pushed out in the patch cycle.

About AirDefense
AirDefense is the market leader in anywhere, anytime wireless security. The company is trusted by more Fortune 500 companies, healthcare organizations and high-security government agencies for enterprise wireless protection than any other company. AirDefense products provide the most advanced solutions for rogue wireless detection, policy enforcement and intrusion prevention, both inside and outside an organizations physical locations and wired networks. Common Criteria-certified, AirDefense enterprise-class products scale to support single offices as well as organizations with hundreds of locations around the globe. Founded in 2001, AirDefense is based in Atlanta, GA, and serves more than 600 government agencies and blue chip corporations. For more information, please visit http://www.airdefense.net or call 770.663.8115.

AirDefense Contact:
Bill Keeler or Brant Caraberis
Schwartz Communications
PH: 781-684-0770
airdefense@schwartz-pr.com

Kristin Callaway  
AirDefense
Cell: 770-843-5256
kcallaway@airdefense.net
www.motorola.com   Careers   Contact Motorola   Investors   Media Center   Privacy   Terms of Use
2009 Motorola, Inc. All rights reserved.
Products