Beruflich Dokumente
Kultur Dokumente
To assess information security risk exposure of laptop users while they are
Page 2
Study Methodology
Visited 13 new airports world-wide (9 in US, 2 in Europe, 2 in Asia-Pacific)
USA: New York (JFK), Washington (IAD), San Antonio (SAT), Fort Lauderdale
(FLL), Dallas (DAL), Seattle (SEA), Omaha (OMA), Chicago (MDW), San Diego (SAN)
Europe: Southampton (SOU), Dublin (DUB) Asia/Pacific: Bangkok (BKK), Pune (PNQ)
Page 3
Study Findings
Evidence
Page 4
The same pattern of wireless vulnerabilities were found at all airports again
assessed
Several airports seem to be using WEP-based baggage tracking systems
APs with out-of-the-box default configuration Open/WEP APs with hidden SSIDs
Page 5
WPA/WPA2
Page 6
Page 7
Wireless APs possibly used for baggage handling are using WEP. E.g.
Page 9
Page 10
Page 11
Customs network!
Page 12
Page 13
Over 30% airports have one or more APs with default configuration (which are
always insecure)
This not only suggests that security practices were overlooked but these APs
can inadvertently also act as Honeypots SSID Linksys (1 Client connected) Linksys Default (2) Linksys Linksys Encryption OPEN WEP WEP OPEN OPEN Location JFK SAT BKK DAL BKK
Over 40% security conscious users still continue to use Hidden SSIDs instead of using
WPA/WPA2
Page 14 Wireless Vulnerability Management 2008 AirTight Networks, Inc. Proprietary & Confidential.
Airport Authorities and Airlines need to secure their private Wi-Fi networks
Secure legacy Wi-Fi enabled handheld devices being used for baggage handling Use at least WPA for Wi-Fi enabled ticketing kiosks Protect the Airport IT networks against active Wi-Fi attacks
Page 15
Do not connect to Unknown Wi-Fi networks (e.g. Free Public WiFi) while at the airport or any other public places
Do not use computer-to-computer (ad-hoc connectivity) while at public places such as airports
Business Travelers - Use VPN connectivity while using hotspot Wi-Fi networks
Turn OFF your Wi-Fi interface if you are not using it!
Page 16