Thousands of people will gather in Boston beginning Sunday for the Democratic National Convention -- many of them armed with wireless-enabled laptops that could present major security problems, a Boston-area firm says.
Although the convention itself will rely on a wired network, there are hundreds of unsecured wireless access points and cards around and about the FleetCenter, home to the convention, according to tests done by Newbury Networks, a provider of location-based wireless security solutions.
In a pair of day-long drives around the FleetCenter in July, Newbury easily found thousands of unsecured access points and hundreds in the immediate area of the FleetCenter, says Matthew Gray, the company's chief technology officer, who adds that the unsecured access points and cards could pose a serious problem at the convention.
Hackers could loiter outside of the FleetCenter, then use the unsecured hotspots to gain access to Wi-Fi-enabled laptops carried by journalists, delegates and others, perhaps by exploiting vulnerabilities on un-patched machines. From there, attackers could use the compromised machines to gain access to the convention's wired network, where they might be able to dig up sensitive information or launch a denial-of-service attack on the network to throw a wrench into the proceedings.
The leap from compromised wireless laptops to the convention's wired network is possible, says Gray, because most Wi-Fi notebooks automatically connect to any access point within range, even as they're on the wired network. "Laptops could be on both networks -- wireless and wired -- at the same time," he says. "That's a much more insidious kind of threat than a rogue user simply connecting to an access point."
As Gray and others drove near the FleetCenter and at times parked in lots close to the site, they detected unsecured access points and cards using the traditional "war drive" tactic of using a Wi-Fi notebook of their own, as well as with slightly more sophisticated gear and the company's WiFi Watchdog software.
"We used a high-gain antenna to draw in signals from access points as far away as two or three miles," he said. Such antennas are inexpensive--$30--and can even be made out of a Pringles can. "Just type 'Pringles' and 'wireless' on Google," said Gray. "You'll be amazed."
Even though physical security at the convention is expected to be tight, Gray was surprised that their forays didn't raise any eyebrows. "We were never stopped by police, even with an antenna pointed out the window of the car," he said. "That was a little distressing."
The wireless security problem is exacerbated, Gray said, because four years ago, when the Democrats last put on their convention, wireless was a rarity. "Wireless security issues aren't really new, but to a group like this that puts on an event only every four years, they're very new."
The convention will essentially be a wireless-free zone, with no open access available. But select users such as media photographers will have access to hot spots near their workstations. These nodes, as well as those deployed around each state's delegation, will be managed by convention's own technology group. It's the access points outside their control that worry security experts like Gray.
Information stored on the convention's own computers may not contain confidential information, but if it does, the data may be at risk to theft. More troublesome, says Gray, would be a denial-of-service attack unleashed via vulnerable laptops linked to the wired network inside the FleetCenter. A determined attack could bring down the convention's computer network, crippling the event.
As an example of the pervasiveness of wireless devices around the FleetCenter, Gray noted that during their war drives, a wireless card tried to connect with the open access point they had set up in the car about every two minutes. Some laptops or other devices tried to connect repeatedly, likely without the user even knowing it was happening.
More disturbing, however, was that two out of every three wireless networks they detected sported no encryption or had it disabled, making exploitation relatively easy. "I thought we'd find some unsecured access points and cards," Gray said. "But unfortunately, my expectations were greatly exceeded."
The Democratic National Convention Committee did not return a call for comment.
This article appeared in the July 23, 2004 issue of InformationWeek.