http://www.boston.com/business/technology/articles/2004/07/22/laptops_at_the_fleetcenter_at_risk_of_breaches_attack/ By Hiawatha Bray Globe Staff July 22, 2004 The Democratic National Convention will attract thousands of visitors armed with laptop computers that feature wireless Internet access. And that could be a formula for disaster, according to a Boston data security firm that recently ran a vulnerability test in the area around the FleetCenter. Michael Maggio, the president of Newbury Networks Inc., said that unless proper precautions are taken, computer vandals will be able to tap into these laptops by using wireless transmitters located outside of the FleetCenter. The attackers could then use the compromised laptops to gain access to the computer network used to run the convention. The vandals could obtain sensitive information related to the campaign of presidential candidate John Kerry. Or they could unleash an attack that would bring down the network and throw the convention into chaos. ''It's part of the security . . . that people aren't thinking about, not because they're dumb, but because we didn't have this four years ago," Maggio said. Indeed, hardly anyone had heard of WiFi wireless networking in 2000. Today, half of all new laptops come with WiFi capability built in. A WiFi-equipped computer can share digital data by communicating with a wireless ''access point." Standard WiFi equipment has a range of about 150 feet, but that range can be substantially increased with high-powered equipment and a special antenna. The Democratic convention will use a standard wired network rather than WiFi. But according to Maggio, this won't provide any extra security. That's because many visitors who'll plug into the network will have computers with built-in WiFi capability. The WiFi feature is automatically switched on when the computer is running. In effect, the laptop can connect to a wired and a wireless network at the same time. Maggio said that an attacker with a high-powered WiFi access point could set up shop outside the FleetCenter, and communicate with WiFi laptops on the inside. If these laptops haven't been protected with the latest security patches, a skilled intruder will be able to gain access to the laptop. He could then leapfrog onto the Democrats' network, allowing him to steal information or vandalize computers. ''By being on both networks at the same time," said Maggio, ''that can compromise the entire network security." Maggio also said Newbury Networks ran a test of WiFi vulnerability around the FleetCenter by driving through the area in a vehicle equipped with a WiFi ''honeypot"-- an access point programmed to attract compatible WiFi laptops. According to Maggio, the testers were able to connect to several laptops being operated in or near the FleetCenter. Had these computers been connected to the Democrats' network, the testers might have been able to access confidential information. But Maggio said there was no attempt to read files on the laptop or the network, because that would violate state and federal law. Newbury Networks stands to profit from its warning. The company specializes in wireless network security products. But other technical specialists agreed the convention offers a ripe target for attackers. ''That's definitely a problem with any machine that has a wireless device that's not secure and that has not been disabled," said Chris Wysopal, vice president for research and development for At Stake Inc., a Cambridge computer security firm. The presence of thousands of laptop computers increases the chance that at least some of them will lack the latest security upgrades, making those machines open to attack. ''The numbers are on the attacker's side," said Wysopal. ''Out of a hundred machines you only need to find one machine that has a vulnerability, and you can use that to hop onto the wired network." Kip Meacham, director of technical marketing for Senforce Technologies Inc. in Draper, Utah, said that most of the damage from such an attack would probably be confined to the individual laptops, because it would be fairly difficult to undermine the Democrats' wired network. But Meacham said that if an attacker got control of a laptop used by one of the Democratic network managers, he could do considerable damage. That's because a network manager's laptop would have access to critical network files, which could be beamed out of the FleetCenter and into a data thief's computer. ''Wireless really makes that kind of scary," said Meacham. ''You no longer have to be physically connected with someone." The solution, said Meacham, is a kind of quarantine system that isolates laptop computers from the rest of the network, until they've passed a series of security tests. For example, if a user plugged a laptop into the network, the machine would be tested for virus infections, and checked to see if its WiFi network chip is switched on. Infected laptops, or machines with active WiFi chips, would be blocked from access to the network. Lina Garcia, press secretary for the Democratic convention, refused to say whether such a system is in place in the FleetCenter. Indeed, she refused to offer any details about computer security plans, to keep potential intruders in the dark. But Garcia insisted the Democrats have the computer security situation well in hand, with the help of security specialists from Cisco Systems Inc. and Microsoft Corp. ''People can rest assured that we are aware of the need for a strong security system for our technology infrastructure," said Garcia, reading from a prepared statement, ''and we are working with our partners, Cisco and Microsoft, to ensure that our systems remain secure." Hiawatha Bray can be reached at bray@private _________________________________________ Help InfoSec News with a donation: http://www.c4i.org/donation.html
This archive was generated by hypermail 2.1.3 : Fri Jul 23 2004 - 09:04:13 PDT