Infosecurity Europe: Rogue wireless network snares more than 300 visitors in four hours
More than 300 users connected to a rogue wireless network at the Infosecurity Europe exhibition in a live experiment by CryptoCard.
On its stand, managing director EMEA Jason Hart set up a wireless network named ’Free Infosec WiFi’ that was open for two hours on the first two days of the show. Presenting the results, he revealed that 143 people had connected on the first day and 162 had connected on the second day.
Speaking to SC Magazine on the 305 people who had willingly connected to this network, Hart said: “These are infosecurity people connecting to the unsecured network and using the freely available Cain software with a £30 network, we were able to see their name, IP address and Mac address and could have taken their credentials if they tried to use applications or the internet while connected.
“There is no way of knowing that this is a rogue network as users assume it is free and use it, what is a real concern is that if you go on YouTube you can find videos of how to set these networks up. ”
In a live demonstration of the smartphone hacking experiment conducted on SC Magazine online news editor Dan Raywood, Hart changed the name of the rogue network to ’BT Openzone free’, which Apple iPhones automatically connected to, demonstrating how simple it is to collect credentials.
Also this week, CryptoCard launched the Blackshield Cloud, an authentication-as-a-service offering to replicate an onsite authentication server. It said that Blackshield Cloud allows enterprises to protect any point of access where a password is currently used and allows all access to be secured from a single point of control.
Neil Hollister, chairman and CEO of CryptoCard, said: “The Blackshield suite is the technical fulfilment of our vision of making strong authentication a commodity and represents a true paradigm shift for authentication.
“The rules of the game have changed in the past couple of years and it’s no longer a question of whether strong authentication is needed, but rather what’s the best way of deploying it. The Blackshield suite takes strong authentication out of the niche and into the mainstream. ”