BLACK HAT: Data seepage is the new security threat

Businessmen and women are broadcasting enough information from their laptops to allow hackers to aim targeted attacks at their devices and corporate networks, according to security researchers speaking at the Black Hat DC 2007 security conference in Washington, DC this week.

Most media attention is focussed on the threat posed when laptops containing employee or employee records, but experts from US services provider Errata Security outlined a trend they've labelled as "data seepage", focussing on the use of Wi-Fi systems in public settings such as airport lounges or coffee shops.

Using a software application they designed, dubbed Ferret, Errata chief executive Robert Graham and chief technology officer Dave Maynor demonstrated how easy it is to intercept seemingly innocuous information from people's devices as they connect to the Internet. They can then use that data to create a detailed profile of the individual, their Web usage, and even their employers' IT networks.

Whenever a user connects to the Web via Wi-Fi, or even if their laptop's wireless systems are merely left turned on, someone using such a sniffing tool can garner data about where the user has travelled, what type of operating system or applications they use, and who they may work for, Graham said.

For instance, the expert said that while sitting in airlines' business customer lounges it's not hard to look at details offered up freely by the machines of other travellers using Wi-Fi.

In doing so, Ferret can detect what hotspots the person has been through, giving an idea of their physical location; determine what e-mail servers or IM systems they attempt to access, lending an idea of their software and potentially their employer; and even scoop their IM contacts to determine who they communicate with.

In addition to data related to Web connectivity or operating systems, sniffer tools can be used to detect what types of anti-virus applications users are running when those programs attempt to automatically download updates. With the large number of known vulnerabilities in anti-virus programs, a hacker could easily take that information and use it to craft a targeted attack, the experts said.

The tools can even be used to garner similar data from smartphones and other data-centric handhelds, according to the researchers.

The best advice that the security experts offered to end-users to protect themselves is to use personal firewalls and VPNs to cloak as much of their information and activity as possible.

"It's not single pieces of information that we're warning about, it's the collection of pieces of data that offer detailed information about who you are," Maynor said. "If the government were collecting this information people would be up in arms, but as it is, they are already giving it away without a second thought."
