[iwar] [fc:Airport.checks.vulnerable.to.hackers,.experts.say]

From: Fred Cohen (fc@all.net)
Date: 2002-01-18 06:05:05
Next message: Fred Cohen: "[iwar] [fc:ANSIR.E-mail.-.Message.from.the.FBI's.Counterterrorism.Division]"
Previous message: Fred Cohen: "[iwar] [fc:Weakened.encryption.lays.bare.al-Qaeda.files]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-Id: <200201181405.g0IE55t11223@red.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Precedence: bulk
Date: Fri, 18 Jan 2002 06:05:05 -0800 (PST)
Subject: [iwar] [fc:Airport.checks.vulnerable.to.hackers,.experts.say]
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"
                      "http://www.w3.org/TR/REC-html40/loose.dtd">
<html>
<head>
<title>stdin: (ai) Airport checks vulnerable to hackers, experts say</title>
<meta name="Author" content="Lowell Thomas (lst@mitre.org)">
<meta name="Subject" content="(ai) Airport checks vulnerable to hackers, experts 
say">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<h1>(ai) Airport checks vulnerable to hackers, experts say</h1>
<!-- received="Thu Jan 17 15:17:07 2002" -->
<!-- isoreceived="20020117231707" -->
<!-- sent="17 Jan 02 18:08:45 -0500" -->
<!-- isosent="20020117230845" -->
<!-- name="Lowell Thomas" -->
<!-- email="lst@mitre.org" -->
<!-- subject="(ai) Airport checks vulnerable to hackers, experts say" -->
<!-- id="200201172308.g0HN8vi29359@smtpsrv2.mitre.org" -->
<!-- expires="-1" -->
<strong>From:</strong> Lowell Thomas (<a href="mailto:lst@mitre.org?Subject=Re:%20(ai)%20Airport%20checks%20vulnerable%20to%20hackers,%20experts%20say%2526In-Reply-To=%2526lt;200201172308.g0HN8vi29359@smtpsrv2.mitre.org"><em>lst@mitre.org</em></a>)<br>
<strong>Date:</strong> 2002-01-17 15:08:45
<p>
<!-- next="start" -->
<ul>
<li><strong>Next message:</strong> <a href="2250.html">Lowell Thomas: "(ai) Turning 
script kiddies into programmers"</a>
<li><strong>Previous message:</strong> <a href="2248.html">Lowell Thomas: "(ai) 
'Donut' virus set to poke holes in .Net"</a>
<!-- nextthread="start" -->
<!-- reply="end" -->
<li><strong>Messages sorted by:</strong> 
<a href="index.html#2249">[ date ]</a>
<a href="thread.html#2249">[ thread ]</a>
<a href="subject.html#2249">[ subject ]</a>
<a href="author.html#2249">[ author ]</a>
<a href="attachment.html">[ attachment ]</a>
Airport checks vulnerable to hackers, experts say

Carrie Kirby, SF Chronicle Staff Writer, 1/17/02
<a href="http://www.sfgate.com/cgi-bin/article.cgi?f=/chronicle/archive/2002/01/17/MN180845.DTL">http://www.sfgate.com/cgi-bin/article.cgi?f=/chronicle/archive/2002/01/17/MN180845.DTL>

Terrorist hackers could exploit wireless networks used to check baggage
at major airports -- including San Jose's -- according to network
security experts.

However, those same experts are unclear on the extent of the risk,
because thorough audits of wireless networks at airports have not taken
place.

The issue is coming to the fore tomorrow, when all airlines are required
to increase measures to prevent bomb-bearing luggage from getting onto
airplanes. One acceptable measure, which airport officials said that
American Airlines will be using at San Francisco International Airport
and at San Jose's Norman Y. Mineta International Airport, is making sure
that each passenger who checks in luggage actually boards the plane.

Some airlines are using a wireless technology standard -- known as
"802.11. b" -- to transmit passenger information from the curbside
check-in stations to the boarding gates. American is using the
technology for such purposes at San Jose's airport.

Hackers have proved the standard to be vulnerable. By exploiting this
acknowledged weakness, a terrorist with computer hacking skills could
tamper with that information and sneak a bomb onto a plane
unaccompanied, said Thubten Comerford, chief executive of White Hat
Technologies in Westminster, Colo.

"They might be able to have bags assigned to somebody else's luggage,"
he said. In such a scenario, a terrorist might check in a bag with a
bomb inside, then sit in the airport or in a car and use a laptop to
break into the airline's baggage system and assign the bag to another
passenger.

Hackers could also use a wireless network as a steppingstone for
breaking into other airline systems, such as the reservation system,
said Joe Weiss, vice president of the network applications division at
Airinc, a communications technology firm owned cooperatively by the
major airlines. The chance of such a break-in taking place depends on
the security measures taken by each individual airline, he said.

"It does present a passenger risk," Weiss said.

In a recent test arranged by Computerworld magazine, hackers using
wireless laptops at the airport easily tapped into the wireless network
used by American Airlines curbside check-in agents at San Jose and
Denver international airports. The information was not encrypted, said
Jonas Luster, co-founder of D-fensive Networks in Campbell, who
conducted the San Jose test, and Comerford, of White Hat Technologies,
who conducted the Denver test.

American is one of several airlines that have been testing wireless
networks at the curbside, said Weiss. Southwest Airlines also uses
wireless at nine locations nationwide, said spokeswoman Beth Harbin, but
it is not known whether Southwest's wireless networks could be
compromised as easily as American's were. United and Northwest Airlines
did not return calls for this story.

Security experts say that the wireless networks available now are
inherently insecure, even when encryption is used.

"Any time you're using wireless (networks), . . . it is a security
risk," said Mandy Andress, president of ArcSec, a San Mateo security
company. The standard wireless equipment on the market uses flawed
encryption that can easily be cracked by people who know what they're
doing, she said. New, improved technologies to protect wireless networks
are expected to be released this year, but until then, there are a few
temporary fixes that can decrease the chances of someone breaking in,
she said.

But American was apparently not using available precautions, Luster and
Comerford said.

American Airlines spokesman Gus Whitcomb said that Luster and Comerford
exaggerated the security risk because their companies provide security
services.

"They have a vested interest in trying to make mountains out of mole
hills to drive up demand for their products," he said.

American is working on fixing the problems that the security experts
revealed, he said.

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Tiny Wireless Camera under $80!
Order Now! FREE VCR Commander!
Click Here - Only 1 Day Left!
http://us.click.yahoo.com/WoOlbB/7.PDAA/ySSFAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
Next message: Fred Cohen: "[iwar] [fc:ANSIR.E-mail.-.Message.from.the.FBI's.Counterterrorism.Division]"
Previous message: Fred Cohen: "[iwar] [fc:Weakened.encryption.lays.bare.al-Qaeda.files]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
This archive was generated by hypermail 2.1.2 : 2002-12-31 02:15:03 PST