A trio of French journalists from Global Security Magazine were reportedly kicked out of the Black Hat security conference in Las Vegas for targeting fellow reporters in the press room with a WiFi hack.
The offending journalists/hackers may have used a network-sniffing tool called “Cain” to capture username and password information sent out in the clear over the WiFi network in the press room, according to reports from two journalists who were targeted, eWeek’s Brian Prince and Cnet’s Elinor Mills. The Black Hat conference has an open — and notoriously hostile — WiFi network that hackers constantly poke around on, but the press room WiFi network is off-limits, according to conference rules.
The three were were identified as Dominique Jouniot, Mauro Israel and Marc Brami, and reportedly they attempted to get their fellow journalists listed on the Wall of Sheep, a public wall that identifies supposed security pros who use the conference networks in insecure ways.
Apparently the folks running the Wall of Sheep refused, and after word got around to conference authorities, the trio of hackers was summarily booted from the conference — despite the fact that Global Security Magazine was a sponsor of the event.
“Alas, I broke one of the cardinal rules of security and, but for the grace of the Black Hat conference staff, would have had my name added to the infamous Wall of Sheep,” Prince wrote in a writeup of the incident for eWeek. Other than an automatic reply that noted Prince was at the Black Hat conference, he didn’t immediately respond to e-mail from TechNewsWorld.
Sending Passwords in the Clear?
“Now some may ask why I used my password in the clear in the first place,” Prince wrote.
“There’s no good answer to this question, though I will say the application I was using does not require SSL VPN (secure sockets layer virtual private network) for remote access. Previously, a similar application we used here at eWeek did. But with it no longer necessary to log in, I got out of the habit of using the SSL VPN client on my computer,” he explained.
CNET’s Mills apparently saw the trio in action but didn’t think much of it at the time. “Speaking French, they acted excited and furtive, like they were doing something they weren’t supposed to be doing –like boys sneaking a peak at dad’s Playboy magazines,” she wrote in her Cnet post on the experience.
After she noticed their press badges, she didn’t think anything more of their behavior. Only later did she learn that they were claiming to have hacked her Cnet login details — though the resulting evidence appears to imply that the trio may not have gotten the goods.
Mills originally was using a Sprint wireless air card but was uploading video and wanted to make the process faster, so she switched to the press room WiFi. Still, she used VPN with a strong password. Later, she apparently examined a screenshot of the allegedly breached usernames and passwords and noticed that the one purportedly associated with Cnet News was not anything remotely similar to a username or password that she or her Cnet colleagues used.
“Maybe the breach was fake,” she wrote.
After the trio was kicked out, Mills called Brami, who reportedly said the whole thing was “a big mistake” and “For us, it was like a joke.”
“Some joke? Snooping on other journalists’ passwords in the press room. Maybe they were confused about the purpose of the Wall of Sheep, which is designed to keep security professionals attending the show on their toes,” Mills wrote.
“I learned that while it may not exactly be a badge of honor to get hacked, the odds of it happening are higher the longer you hang out with hackers,” she added.
So what’s the best way to protect a laptop that must use an open WiFi network?
“Use a VPN,” Bruce Schneier, a security technologist and author, told TechNewsWorld.
“‘Best’ is a tricky word,” he added, “[But] it’s certainly easy and effective.”