Industry View

Security Under Siege at the Airport

Security dangers aren't always so clandestine. One of the most serious threats to your firm's security could be sitting next to you... in the airport departure lounge.

By David Michaux

October 18, 2006, CSO

Engineers from my company, a global security consultancy, have found documents and e-mails on public access terminals in airport departure lounges that could bring some global companies to their knees.

What began as a mixture of curiosity and boredom led consultants from our Dubai-based network security outfit to uncover a plethora of secrets left by globe-trotting executives logging on in between flights. While such senior figures possess high-level knowledge of their companies' affairs, many aren't equipped with knowledge of IT security precautions to match.

The average executive lounge offered to business and first-class flyers is equipped with a number of PCs that allow visitors open access to the Web. Each PC is installed with a standard Windows package that includes Microsoft Explorer, Outlook Express and sometimes Office.

As weary executives pull up to terminals, a sense of familiarity encourages them to behave as they would at home or in the office, and send an e-mail the same way. Why not use Outlook, just as they would at their desk?

But this could be a costly mistake.

Outlook Express is probably not configured to allow e-mails to be sent from such machines, so the correspondence simply moves to the system's outbox, where it remains indefinitely after the user clicks send. And if the system is configured to send messages, the e-mail that goes out is automatically saved to the machine's sent items folder. In either case, the message is ready for anyone to access at their leisure.

While traveling to meet clients, our engineers have found everything from intimate missives to mistresses (perfect for blackmail) to desktop-saved documents outlining multimillion-dollar deals, complete with profit margins and lowest bid values.

They also stumbled on something more sinister. Many machines, they found, are infected by Trojans, or backdoor programs, that can monitor, record and relay information entered by the execs to someone watching their activities externally.

I remember a discovery I personally made while waiting for a delayed flight. As I was playing solitaire, I noticed heavy network traffic on the lounge machine's taskbar even though I wasn't using any network applications. After some delving, I was amazed to find Back Orifice 2000 (BO2K) as the culprit. It had been invisibly collecting my keystrokes and sending a record of them to a Hotmail account every 15 minutes!

I reported my findings to the lounge receptionist, who responded by explaining she couldn't take responsibility for the security of the machines.
