A Study Conducted by AirTight Networks.ppt

* * * * * * * * * * * * A Study Conducted by AirTight Networks Not for circulation A Study Conducted by AirTight Networks Wireless Vulnerability Assessment: Airport Scanning Report A Study Conducted by AirTight Networks Not for circulation About this Study The Goal To assess adoption of security best practices at Airport Wi-Fi networks To assess information security risk exposure of laptop users while they are transiting through airports Background Airports world-wide now provide Wi-Fi Internet access for mobile users Use of Wi-Fi hotspots by business users at airports is steadily increasing Airports are increasingly using private Wi-Fi networks for baggage handling as well as passenger ticketing A Study Conducted by AirTight Networks Not for circulation Study Methodology Pittsburgh (PIT) Philadelphia (PHL) Myrtle Beach (MYR) Orange County (SNA) Ottawa (YOW) Portland (PDX) San Jose (SJC) Newark (EWR) West Palm Beach (PBI) Chicago (ORD) Visited 14 airports world-wide (11 in US; 3 in Asia-Pacific) Scanned Wi-Fi signal for 5 minutes at randomly selected location (typically a departure gate or lounge area) Traces collected using off the shelf Wi-Fi card and publicly available data collection tools Traces collected between 30 Jan 2008 through 8 Feb 2008 Number of Access Points = 478; Number of Clients = 585 Singapore (SIN) Malaysia (KLIA) Seoul (ICN) San Francisco(SFO) A Study Conducted by AirTight Networks Not for circulation Key Findings Implications 1 2 3 Critical Airport systems found vulnerable to Wi-Fi threats Data leakage by both hotspot and non-hotspot users ‘Viral Wi-Fi’ outbreak continues ~ 80% of the private Wi-Fi networks at Airports are OPEN / WEP! Only 3% of hotspot users are using VPNs to encrypt their data! Non-hotspot users found leaking network information Over 10% laptops found to be infected! Evidence Study Findings A Study Conducted by AirTight Networks Not for circulation Summary of Findings We expected to f