AirDefense Discovers Wireless Security Less Than 'Bullet Proof' At 97th Annual National Retail Federation

AirDefense, the innovator that launched the wireless LAN security market, recently unveiled results from its wireless airwave monitoring on Monday, January 14, at the 97TH annual National Retail Federation (NRF) Convention & Expo. Retail's 'Big Show' held on January 14-16, at the Javits Center, 655 West 34th Street, New York City.

"It is evident that the majority of companies exhibiting are not taking wireless security seriously or there would be a much higher percentage of 'bullet proof' encryption practices in place protecting APs," said Richard Rushing, chief security officer, AirDefense. "AirDefense also discovered less than one percent of devices were pre-802.11n as retailers are waiting for this standard to be ratified and new technology deployments are lagging as a result. In that respect, retail is taking a wait-and-see approach similar to the Fortune 500, healthcare industry and banking industry."

AirDefense discovered less than ten percent (10 %) of the 458 Access Points (APs) in use at NRF were using 'bullet proof' encryption such as WPA2. In fact, nearly sixty percent (60 %) of APs were using Wired Equivalent Privacy (WEP), the weakest protocol for wireless data encryption, which can be compromised in minutes but is in wide use today.

While monitoring the wireless LAN traffic throughout the day Monday, AirDefense also found that nearly eighty percent (80 %) of the 1,693 wireless devices such as laptops, PDAs, phones and vendor PCs were susceptible to "Evil Twin" types of attacks. "Evil Twins" are the wireless version of email phishing scams, a technique whereby an attacker tricks victims into connecting to a laptop or PDA by posing as a legitimate hotspot.

To speak to AirDefense regarding their NRF wireless network findings stop by the AirDefense booth # 3106, or to schedule an interview with Richard Rushing, chief security officer, AirDefense, call Bill Keeler or Melissa Chan at Schwartz Communications at (781) 684-0770.

Other Interesting Findings:

• Lack of pre-802.11n equipment. AirDefense found less than one percent of the devices on the show floor were pre-802.11n. Trade shows such as NRF are designed to showcase the newest technologies in the retail space, yet the industry is lagging behind in new deployment.
• Attack tools such as Karma, Hotspotter, and Airsnarf were all seen in the airwaves, trying to capture the probing devices to take advantage of them.
• Many clients, when connected, would disclose information about the internal network such as Domain, Authentication Server, User Name, Password and Computer Name as all in the clear. Leaking out NetBIOS and IPX traffic was common on these devices. An attacker could and might have captured the corporate username and authentication hash (password), that the unsuspecting user would have sent over the airwaves by just connecting to the wireless network.
• Ninety-four (94) laptops and other devices in the airwaves had altered their MAC addresses trying to bypass the security of the Javits' Center Wi-Fi Hotspot. Others were doing this to either blend into the environment or hide the true identity of the device.
• Large number of users attempting to jam the wireless signals, either by broadcasting a signal to overload the channel or using common techniques to overload Access Points, or the Channel, where thirty-nine (39) of these attacks were found.
• Wireless enabled devices from laptops, to PDAs, to phones, to vendor PC's were fighting for the congested airwaves. On the average the retransmission rate for wireless networks were seventy-eight percent (78%), meaning that the client would have to transmit a new packet for every four packets transmitted.

About AirDefense
AirDefense is the market leader in anywhere, anytime wireless security. The company is trusted by more Fortune 500 companies, healthcare organizations and high-security government agencies for enterprise wireless protection than any other company. AirDefense products provide the most advanced solutions for rogue wireless detection, policy enforcement and intrusion prevention, both inside and outside an organization's physical locations and wired networks. Common Criteria-certified, AirDefense enterprise-class products scale to support single offices as well as organizations with hundreds of locations around the globe. Founded in 2001, AirDefense is based in Atlanta, GA, and serves 700 government agencies and blue chip corporations. For more information, please visit www.airdefense.net

SOURCE: AirDefense