Atlanta, GA- April 11, 2005 - AirDefense, the leader in anywhere, anytime wireless security monitoring, today released the results from the wireless network monitoring the company conducted at the InfoSec World Conference and Expo 2005. AirDefense detected a new trojan horse named Revop, that to date has only been detected in the United States. In addition, many other wired-side viruses and worms were discovered. This type of malicious activity has been on the rise as was previously reported most recently by AirDefense at RSA Conference.

At InfoSec 2005, AirDefense studied the wireless LAN traffic throughout the conference and identified vulnerability scanning, port mapping and known wired-side viruses and trojan horses infecting the network. The viruses included Netsky, a virus that spreads via email at the start of each Windows session and Lovgate, a family of Internet worms with backdoor functionality that spread via email and network shares. In addition to the new trojan horse Revop that was discovered, AirDefense's monitoring uncovered Radlight, a trojan horse that damages internet connections.

"Attacks typically launched over wired networks are now being performed on the wireless side," said Richard Rushing, chief security officer for AirDefense. "The sophistication of attacks continues to increase and attackers have finally realized wireless is just another medium for connectivity. The conclusion that is drawn is that attackers are performing many of the same types of attacks that frequently occur on the wired side."

AirDefense also identified the following risks and threats:

• 102 identity thefts
• 60 devices sniffing the airwaves for clear text passwords and information
• 34 ad-hoc networks
• 23 devices scanning for wireless devices
• 12 Soft APs
• 3 denial of service attacks
• An overloaded access point that failed and reverted back to its default configuration

More than 80 percent of wireless stations were susceptible to Access Point (AP) Phishing, or being redirected from a legitimate AP. AP Phishing attacks happened to people looking for the most common service set identifiers (SSIDs) "Linksys," "Infosec" and "T-Mobile."

To prevent AP Phishing, AirDefense advises conference attendees to register for hotspots or wireless service on a wired network. By registering for a wireless account on a wired network such as the home or in the office, attendees increase the likelihood of connecting to the legitimate access point because they will already have the password needed to connect.

"Less than 50 percent of the access points at the show used either WEP [wired equivalent privacy] or advanced authentication," said Rushing. "Without proper encryption or authentication users connecting to access points at the show essentially offered up their passwords and data for attackers to steal and use in potentially malicious ways. Statistics such as these tell us the corporate wireless policy is not making it down to the device level."

AirDefense also detected an abundance of clear text traffic, including a device's Network Basic Input Output System (NetBIOS), which would allow an attacker to discover and take advantage of a station's vulnerabilities in the operating system or open services such as file sharing. Also floating in the air, AirDefense identified leaking of network traffic, including Cisco Discovery Protocol (CDP), Spanning Tree Protocol (STP) and Open Shortest Path First (OSPF).

AirDefense continues to advise conference attendees to use encrypted e-mail to avoid transmitting messages in the open, avoid insecure protocols and services and think defensively about the information being transmitted when using public networks.

About AirDefense, Inc.
AirDefense is the market leader in anywhere, anytime wireless security and monitoring. The company's products provide the most advanced solutions for rogue wireless detection, policy enforcement and intrusion protection both inside and outside an organization's four walls. AirDefense's enterprise-class products scale to support everything from single offices to organizations with hundreds of locations. Founded in 2001, AirDefense is based in Alpharetta, GA and services hundreds of government agencies and blue chip corporations. For more information, please visit http://www.airdefense.net or call 770.663.8115.

Contact:
Heidi Litner
AirDefense, Inc.
770-663-8115 x:110
hlitner@airdefense.net

Bill Keeler or Annelise Armstrong
Schwartz Communications
781 684-0770
airdefense@schwartz-pr.com