Newly identified attacks at this year's Defcon involved the use of multiple APs to form a phishing trap, otherwise known as a multi-pot. This attack has existed for quite some time, so hackers focused on easier to implement variations which are difficult to detect, more damaging and especially effective. In one example, the attack entitled "Bad Karma" included functions that enable the attacker to phish clients without causing them to re-authenticate to the attacker's AP.
AirDefense also spotted several new variations of wireless denial of service (DoS) attacks both at the driver level and RF level. Fuzzing attacks, revealed at last year's Defcon 14, advanced using a wider variety of frame modifications to impact additional types of wireless devices. In fuzzing attacks, frames are specifically crafted to cause a wireless device to crash and sometimes deliver a payload that can compromise the device. The new variations introduced at Defcon 15 appear to target radios in newer embedded platforms. Additionally, AirDefense observed 12 instances of a new RF Jamming technique that uses standard 802.11 radios to block the entire 2.4 GHz spectrum. Although jamming will always be a problem, this attack is particularly problematic as it uses standard 802.11 radios instead of requiring specialized hardware.
As a result of AirDefense's monitoring efforts at Defcon 15, along with the company's commitment to ensuring customers have the most up-to-date protection, AirDefense quickly released updated software that detects each of the new attacks and enhances the protection methods implemented throughout the system. AirDefense's patented WEP Cloaking solution, which increases the security of WEP networks, already includes protection for each of the attacks proposed by hackers at Defcon.
"Security leaders have always been in a race with hackers," said Amit Sinha, CTO of AirDefense. "The largest enterprises and most secure government organizations choose AirDefense because of the expertise that goes into the early identification of threats and the speed at which we are able to react after new threats are released. Customers can rest assured that AirDefense is working around the clock to protect their networks and data."