Industry View
Security Under Siege at the Airport
Security dangers aren't always so clandestine. One of the most serious threats to your firm's security could be sitting next to you... in the airport departure lounge.
By David Michaux
October 18, 2006 — CSO —
Engineers from my company, a global security consultancy, have found documents and e-mails on public access terminals in airport departure lounges that could bring some global companies to their knees.
What began as a mixture of curiosity and boredom led consultants from our Dubai-based network security outfit to uncover a plethora of secrets left by globe-trotting executives logging on in between flights. While such senior figures possess high-level knowledge of their companies' affairs, many aren't equipped with knowledge of IT security precautions to match.
The average executive lounge offered to business and first-class flyers is equipped with a number of PCs that allow visitors open access to the Web. Each PC is installed with a standard Windows package that includes Microsoft Explorer, Outlook Express and sometimes Office.
As weary executives pull up to terminals, a sense of familiarity encourages them to behave as they would at home or in the office, and send an e-mail the same way. Why not use Outlook, just as they would at their desk?
But this could be a costly mistake.
Outlook Express is probably not configured to allow e-mails to be sent from such machines, so the correspondence simply moves to the system's outbox, where it remains indefinitely after the user clicks send. And if the system is configured to send messages, the e-mail that goes out is automatically saved to the machine's sent items folder. In either case, the message is ready for anyone to access at their leisure.
While traveling to meet clients, our engineers have found everything from intimate missives to mistresses (perfect for blackmail) to desktop-saved documents outlining multimillion-dollar deals, complete with profit margins and lowest bid values.
They also stumbled on something more sinister. Many machines, they found, are infected by Trojans
I remember a discovery I personally made while waiting for a delayed flight. As I was playing solitaire, I noticed heavy network traffic on the lounge machine's taskbar even though I wasn't using any network applications. After some delving, I was amazed to find Back Orifice 2000 (BO2K) as the culprit. It had been invisibly collecting my keystrokes and sending a record of them to a Hotmail account every 15 minutes!
I reported my findings to the lounge receptionist, who responded by explaining she couldn't take responsibility for the security of the machines.
$firstKeyword
Log Management in a Cyber World
With so many potential cyber villains poking around the gates, enterprises must have strong protections and pristine visibility into what's happening on the network. Explore the increasing importance of log management as cybercrime and other malicious threats grow.
Comparing Research in Motion and Microsoft Mobile Solutions
Organizations must look carefully at the requirements of mobile devices and accompanying middleware that can increase cost, complexity and administrative overhead. This white paper provides an independent analysis and detailed comparison of RIM and Microsoft's mobile solution.
- Continuous PCI Compliance and Security with Tripwire Solutions
- PCI DSS Compliance in the UNIX/Linux Datacenter Environment
- The Pursuit of a Standardized Solution for Secure Enterprise RBAC
- Building a Secure and Compliant Windows Desktop
- Root Access Risk Control for the Enterprise
- Demystifying IT Risk to Achieve Greater Security & Compliance
Stay current with insightful news and analysis on information security, business continuity, identity and access management, loss prevention and more with CSO newsletters!
CSO Corporate Partners
CSO Perspectives
-
April 5-7, 2010Hyatt Regency Santa ClaraClick here for more information!
Santa Clara, California
(ISC)2 members can earn up to 24 CPE Credits!
