TMCnet News

Beware of WiPhishing: Cirond Warns of New Wireless Security Danger
[February 04, 2005]

Beware of WiPhishing: Cirond Warns of New Wireless Security Danger


SAN JOSE, Calif. --(Business Wire)-- Feb. 4, 2005 -- Cirond CEO Nicholas Miller to Speak about This Growing Threat at Major Security & Privacy Conference in Victoria, B.C. on February 10, 2005

Cirond Corporation (OTCBB:CROO) today warned of a new and growing danger facing users of wireless-equipped laptop computers and companies whose employees use these devices. The company calls this threat "WiPhishing" (pronounced "why fishing") and it is serious enough that it can expose all the shared information on a user's laptop computer -- and potentially even information on traditional wired computer networks -- to wireless "hacking" by criminals intent on stealing the user's personal information and introducing computer viruses, worms or even "keystroke loggers" onto the laptop. These WiPhishing hackers don't even have to be in the same building as the victim -- wireless network technology can allow them to "attract" wireless-equipped laptops from across the street or even the parking lot.



Mr. Miller will outline the company's strategy to combat this threat when he speaks to an audience of government and industry computer security professionals at the 6th Annual Security and Privacy Conference & Exposition at the Victoria Conference Centre in Victoria, B.C., Canada on February 10, 2005. He urged users to become aware of this threat and take action to combat it.

"We call WiPhishing the act of covertly setting up a wireless-enabled laptop or access point for the purpose of getting wireless laptops to associate with it," explained Mr. Miller. "Hackers who are on a "WiFishing expedition" may set the name of their rogue wireless access point (or laptop) to an SSID (ie. wireless network name) that is commonly used by wireless laptop users. The wireless network software can then cause the user's wireless laptop to automatically connect to hacker's wireless access point or wireless-equipped laptop. They will seek to attract people whose home networks may be set to common default SSID names such as Linksys, Netgear, SMC, Wireless -- or a hotspot with an SSID such as T-Mobile, Wayport or FatPort. Hackers are also likely to increasingly post common SSID names on their Web sites as this practice gains momentum."


In his presentation at the Victoria conference, Mr. Miller will explain how Cirond has developed an easy-to-use way to address this serious security problem. He said it parallels the work undertaken by Dr. Phil Nobles, wireless Internet and cyber-crime expert at Cranfield University, academic partner of the Defence Academy of the UK.

Dr. Nobles, who has shared his findings with Mr. Miller, warned last month of what he called the danger of 'Evil Twin' wireless hotspots. "In essence, users think they've logged on to a wireless hotspot connection when, in fact, they've been tricked to connect to the attacker's un-authorised base station," he said. "The latter jams the connection to a legitimate base station by sending a stronger signal within close proximity to the wireless client -- thereby turning itself into an 'Evil Twin'." He said that once the user is connected to the 'Evil Twin', the cyber criminal can intercept data being transmitted, such as bank details or personal information.

About Cirond

San Jose, California-based Cirond Corporation (OTCBB:CROO.ob) is a network security company dedicated to securing wired and wireless networks against the rapidly growing security threat represented by the deployment of unauthorized wireless devices. Cirond products include AirSafe(TM) (a utility that automatically disables a notebook computer's wireless radio whenever the computer is plugged into a wired corporate network), AirPatrol Mobile(TM) (a software-only solution for detecting and locating rogue wireless devices using a laptop or Tablet PC mobile computer), AirPatrol Sentinel(TM) (a software-based network scanning tool that provides 24/7 "wired side" detection of unauthorized wireless devices) and AirPatrol Enterprise(TM) (a comprehensive network security solution which provides complete 24/7 detection and location of all unauthorized wireless devices in an organization). Cirond also sells the Winc(TM) and pocketWinc(TM) wireless connectivity tools for the Windows and Pocket PC family of operating systems.

Cautionary Statement About Forward Looking Statements

Forward looking statements as set forth in this press release are necessarily based upon estimates and assumptions that are inherently subject to significant business, economic and competitive uncertainties and contingencies, many of which are beyond the Company's control and many of which, with respect to future business decisions, are subject to change. These uncertainties and contingencies can affect actual results and could cause actual results to differ materially from those expressed in any forward looking statements made by or on behalf of the Company. The Company disclaims any obligation to update forward looking statements. These statements are subject to risks and uncertainties, including without limitation, the price/performance requirements of customers, the ability to sell products incorporating the technology, the impact and pricing of competing technologies, the introduction of alternative technological solutions, and other risks detailed from time-to-time in Cirond's SEC filings and reports.

[ Back To TMCnet.com's Homepage ]