Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Many Wireless Security Breaches Reported At Security Conference

There were 32 "Evil Twin" attacks and many other types of security breaches aimed at Wi-Fi users of the recently-concluded RSA security conference, wireless security vendor AirDefense claimed Thursday.

In an Evil Twin attack, hackers set up bogus access points and try to get nearby wireless users to log on either. Then, they can steal information that the user transmits The use of this method of attack marks a significant shift in how eavesdroppers and hackers are trying to steal information from wireless LAN users, according to the company.

"Rather than simply scanning for and identifying access points, people are now imitating access points," Richard Rushing, AirDefense's chief security officer, said in a statement. "The same holds true for identity theft -- hackers have realized the value is in trying to become the access point or station, not merely finding one."

AirDefense regularly monitors the airwaves at industry conferences and reports the results afterwards. The company noted that the conference organizers made extraordinary efforts to provide secure wireless access, including as issuing digital credentials for accessing the wireless network used at the conference.

AirDefense acknowledged that the efforts made the conference's wireless network secure, but that didn't mean individual users were secure. That's because hackers were probing individual users' wireless profiles on their laptops, which list previously-used wireless networks. The hackers could then use the names of those networks to launch Evil Twin attacks.

  • 1