From the ‘hostile Wi-Fi network‘ files:
The Wi-Fi network at last week’s Black Hat conference in Las Vegas was pummeled by multiple types of attacks — but the network held (at least that was my experience).
The stats are now out on the security status of the Wi-Fi network at Black Hat, which was run by wireless vendor Aruba Networks. I spoke with Aruba prior to the event and they were confident they had the gear to keep the network secure.
So what was the damage?
- 9 suspected rogue APs were detected.
- 175 attempts by a wireless user to access the Aruba mobility controller were blocked by the Aruba firewall.
- 23 impersonation attacks were detected.
- 71 non-Blackhat APs were detected.
- 154 denial-of-service (DoS) attacks were detected.
That doesn’t seem too crazy, but when you consider the briefings portion was only two days long, that’s a non-trivial amount of attacks for a Wi-Fi network.
The DoS attack number is the one that is the most significant in my view, especially when compared on a year over year basis. For 2008, Aruba reported only 24 DoS attacks.
That means (if my math is correct) there was a 600% increase in DoS attacks at Black Hat in 2009.
Come to think of it, I did have the odd connection drop when I was in the Augustus Ballroom, but overall as a user I really didn’t notice any significant connection issues when connected to the Black Hat Wi-Fi network this year.