|  |
Newbury Networks Identifies Significant Wi-Fi Security Risks at Republican National Convention Site
Newbury Networks Inc., provider of location-based management and security solutions for wireless networks, unveiled data collected from a recent "war drive" in New York City showing large numbers of open, unsecured Wi-Fi networks and 802.11 client cards - operating throughout the city. Surprisingly, a large number of these devices were discovered in the area surrounding Madison Square Garden - site of this week's Republican National Convention (RNC).
To illustrate the security challenges of wireless networks, Newbury used its award-winning WiFi Watchdog(TM) solution to identify unsecured Wi-Fi activity in the area surrounding Madison Square Garden. With an estimated 50,000 delegates, media and elected officials planning to attend this week's four-day event, wireless network technology is playing a key role in the distribution and exchange of information throughout the convention site. Given the proliferation of wireless access points and the number of anticipated wireless devices in the area, the RNC's official "no Wi-Fi" policy will be very difficult to enforce and manage inside the convention facility.
A two-hour war drive throughout New York City on August 24, 2004, using the WiFi Watchdog security solution, provided unique insights into the challenges many organizations face in securing their wireless networks. Highlights of the war drive include:
* A total of 7,039 unique Wi-Fi devices detected, of which 63% were wireless access points and 37% were wireless network cards.
* An average of one wireless network card every 90 seconds accidentally associated with Newbury's unsecured access point (or "honey pot" network) - potentially resulting in a direct connection to the resources on that individual's laptop or PC.
* 67% of the 1,008 unique wireless networks detected near the RNC site had no encryption enabled, leaving them vulnerable to attacks and security breaches. In fact, Newbury Networks detected 802.11 signals emitted by the Wi-Fi networks of many well-known companies and organizations, including Aetna, Coca Cola, DKNY, Olympus, Applebee's, Starbucks, Burger King, the New York State of Appeals, the New York Film Academy, Columbia University and New York University's Stern School of Business.
"Newbury undertook this experiment to illustrate the security challenges inherent with the rapid adoption of Wi-Fi technology. Four years ago, at the last set of national political conventions, Wi-Fi was still in its 'early-adopter' stage," noted Michael Maggio, president and CEO of Newbury Networks. "The huge productivity gains provided by Wi-Fi have prompted many organizations to deploy wireless networks. These networks, however, place enormous demands on enterprises and government agencies to understand the security challenges and the solutions available to make these networks both secure and productive."
Newbury Networks' findings underscore that while New York City continues to focus on physical security surrounding the Convention, the huge numbers of open, unsecured wireless networks represent a serious threat to the city's wireless infrastructure.
For example, a wireless enabled notebook computer powered up inside Madison Square Garden by a conventioneer or media representative could automatically associate with wireless networks outside of the building. A hacker can then easily use this connection to steal files and other data from the notebook computer. Given that many of the conventioneers and media will bring their computers (and other wireless devices) with them to the convention, the potential for a serious breach of security is exacerbated.
"As was the case in Boston for the DNC, convention planners cannot effectively enforce these 'no Wi-Fi' policies. New York, in many respects, is even more vulnerable to security breaches because of the level of wireless traffic around Madison Square Garden. All the security policies in the world can't stop a wireless intruder from accessing an open network signal emanating from a Wi-Fi access point or network card," said Maggio.
For more detailed information on Newbury's DNC and RNC war drives in a pre-recorded Webcast presentation, please go to www.newburynetworks.com/wardrive. 03.09.2004, Newbury Networks Inc.
Subscribe to the newsletter | | |
| | | |
