In particularly, according to an executive of AirDefense, hackers at the show held March 10-16 are targeting specific devices. This is a trend that the company said it first noted at the 2005 RSA Conference held earlier this year.
"Hackers at this year's CeBIT came with a purpose in mind," Richard Rushing, chief security officer for AirDefense, said in a statement. "(They) were more focused on masquerading as a legitimate device rather than trying to capture information or redirect attendees."
The company said that intruders at CeBIT typically identified vulnerable devices, then, essentially, spoofed the network into thinking they were that device. This approach, according to AirDefense, involved launching a denial of service (DoS) attack on the device to get it off the network. The hackers would then spoof the MAC address of the device to connect to the network.
Rushing said that, often, the attacks were designed for a specific purpose, such as making it impossible for an exhibitor to demonstrate a product. He also surmised that some hackers were competing with each other to see how many wireless users they could disconnect.
AirDefense also noted a number of sloppy security practices among exhibitors. For instance, it claimed that many exhibitors named their access points after their company, making it easier for intruders to focus on and monitor a specific company's activities.
"Exhibitors who leave their wireless networks easily discoverable at these shows need to be made aware of the ease with which an intruder can access their network and cause damage," said Rushing.
AirDefense routinely monitors the airwaves at wireless industry trade shows and reports the results afterward. At CeBIT, it worked with German security vendor eSeSIX.