Академический Документы
Профессиональный Документы
Культура Документы
www.airtightnetworks.net
Background
◆ Airports world-wide now provide Wi-Fi
Internet access for mobile users
The Goal
◆ To assess adoption of security best practices at Airport Wi-Fi networks
Malaysia (KLIA)
>> Orange County (SNA) >> Myrtle Beach (MYR)
Singapore (SIN)
1 2 3
A total of 478 Wi-Fi Access Points were analyzed across all Airports!
Public Wi-Fi
Private Wi-Fi
Hotspots
Access Points (APs) Networks
Open APs
◆ Wayport
◆ PacGate
◆ LGDacom
◆ AttWi-Fi (2) Hotspot SSIDs are
well known/published
◆ SFOPRIVATE
◆ FlyPittsburgh ◆ Ice Currency Services
and advertised
◆ Flypdx ◆ IAACCO
◆ singaporeair_B (3) Usually signal from ◆ KIOSKWIRELESS
◆ singaporeair_F multiple hotspot APs is ◆ BullPenH1
◆ JWA Hotspot visible at any coverage
location
◆ AceRail
◆ Ft.Laud-Hlwd_ ◆ e-Baggage Trial
Airport-Public AP1
◆ ACCESS-StarHub
A Study Conducted by AirTight Networks Not for circulation
Summary of Findings -
Questioning Airport IT Security
◆ Passenger ticketing
◆ By retailers
71% 15% 7% 1%
6%
HTTP
59%
S
TTP
H
38%
N
Clients
VP
( 585 in number)
3%
◆ 59% hotspot users are using plain text protocols such as HTTP
◆ Only 3% are using VPN connectivity to secure their data!
(1) User is visiting (2) He is looking at the Nasdaq (3) We have his cookie! So we can
www.marketwatch.com Composite Index (symb=comp) impersonate him
◆ Clients who are not active hotspot user can also be attacked!
◆ This may already be happening, but nobody will know unless
airspace is continuously monitored
◆ Airports are good places to find high such high value targets!
Infected Laptop
◆ Once connected to a
Infected Viral SSID network…
Infected
◆ A hacker can easily
access confidential
data on your hard
Infected disk
◆ Turn OFF your Wi-Fi interface if you are not using it!