Air Tight Airport Wi Fi Scan Analysis

Wireless Vulnerability Assessment: Airport Scanning Report www.airtightnetworks.net

About this Study ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Study Methodology >> Pittsburgh (PIT) >> Philadelphia (PHL) >> Myrtle Beach (MYR) >> Orange County (SNA) >> Ottawa (YOW) >> Portland (PDX) >> San Jose (SJC) >> Newark (EWR) >> West Palm Beach (PBI) >> Chicago (ORD) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Singapore (SIN) Malaysia (KLIA) Seoul (ICN) >> San Francisco(SFO)

Key Findings & Implications Critical Airport systems found vulnerable to Wi-Fi threats Data leakage by both hotspot and non-hotspot users ‘ Viral Wi-Fi’ outbreak continues ~ 80% of the private Wi-Fi networks at Airports are OPEN / WEP! Only 3% of hotspot users are using VPNs to encrypt their data! Non-hotspot users found leaking network information Over 10% laptops found to be infected! Evidence Study Findings 1 2 3

Summary of Findings ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Wi-Fi Scan Results But are all OPEN Wi-Fi networks Hot-Spots? A total of 478 Wi-Fi Access Points were analyzed across all Airports! ,[object Object],[object Object],[object Object]

Wi-Fi Scan Results Hot-spot providers These don’t look like hotspot APs! Private Wi-Fi Networks Access Points (APs) Public Wi-Fi Hotspots Open APs

A magnified look at Unsecured Access Points ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Hotspot APs Non Hotspot APs 41% 59% ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],(1) Hotspot APs don’t hide SSID (2) Hotspot SSIDs are well known/published and advertised (3) Usually signal from multiple hotspot APs is visible at any coverage location

Summary of Findings - Questioning Airport IT Security ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Vulnerability discovered at SFO Airport ,[object Object],[object Object],[object Object],The “Hidden” WEP-encrypted Access Point was communicating with a “Symbol” card typically used in handheld devices that are likely used in baggage management at SFO. The baggage management system at SFO airport may easily be compromised! We discovered the “Hidden” SSID of an AP in a mere 5 minute scan! Prevalent Myth – Hiding SSID is more secure than encryption All APs are Open/WEP!

User Connectivity Analysis OPEN WEP WPA WPA2 57% 28% 10% 5% Clients ( 585 in number) 15% ,[object Object],[object Object],Hotspot Non - Hotspot 71% 7% 1% 6% 59% HTTP 38% HTTPS 3% VPN

Data Leakage – By Wi-Fi Users Clients sending data without any encryption using HTTP are in serious danger of having their activities spied on and accounts hijacked in some cases (1) User is visiting www.marketwatch.com (2) He is looking at the Nasdaq Composite Index (symb=comp) (3) We have his cookie! So we can impersonate him

Data Leakage – By Wi-Fi Users ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

“Honeypot” Attack Scenario ,[object Object],[object Object],[object Object],(1) Laptop is probing for SSIDs from your preferred list (cached). (2) Attacker sets up an Access Point with matching SSIDs. Tools for setting this up are easily available (e.g. Karma, Hotspotter) (3) Laptop connects to the Attacker’s machine. Client Attacker (4) Attacker launches exploits to download data or gain control of victim’s machine.

Wi-Fi virus outbreak at the Airports 10% of all mobile users were advertising viral Wi-Fi networks! % of total Clients infected by one or more viral SSIDs at various Airports

What are Viral Wi-Fi networks? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

How the Infection happens… ,[object Object],Infected Laptop Free Public Wi-Fi User Infected!

How the outbreak happens… ,[object Object],[object Object],[object Object],Infected Infected Infected Infected Infected Infected Infected

Why are Viral Wi-Fi networks such a big threat? ,[object Object],[object Object],[object Object],Infected Infected Infected Infected Infected Infected Infected

Call to Action – Airport authorities ,[object Object],[object Object],[object Object],[object Object]

Call to Action – Wi-Fi Hotspot Users ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Air Tight Airport Wi Fi Scan Analysis

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (6)

Similar to Air Tight Airport Wi Fi Scan Analysis

Similar to Air Tight Airport Wi Fi Scan Analysis (20)

More from AirTight Networks

More from AirTight Networks (20)

Recently uploaded

Recently uploaded (20)

Air Tight Airport Wi Fi Scan Analysis