AP NEWS
Press release content from Business Wire. The AP news staff was not involved in its creation.
PRESS RELEASE: Paid content from Business Wire
Press release content from Business Wire. The AP news staff was not involved in its creation.

Byos Cautions RSA Conference 2020 Attendees, Travelers and General Public to “Dirty Half-Dozen” Public Wi-Fi Risks

February 18, 2020 GMT

HALIFAX, Nova Scotia--(BUSINESS WIRE)--Feb 18, 2020--

Byos, Inc., an endpoint security company focused on concept of Endpoint Microsegmentation through Hardware-Enforced Isolation, recommends caution for attendees of major conferences and events such as the RSA Conference 2020, a leading cybersecurity conference in San Francisco, February 24-28, and travelers in general risks of Free Wi-Fi. Many attendees will access the Internet via multiple free Wi-Fi connection points from Hotels, Airports, Coffee Shops and the Conference itself, and every free Wi-Fi access presents security risks for users that Byos calls “The Dirty Half-Dozen.”

“Security professionals know that all networks are dirty or should at least be assumed as so,” said Matias Katz, CEO, Byos. “We are issuing this advisory as a public service to share our concerns with all conference attendees, reminding them and warning them of these risks.”

The Dirty Half-Dozen risks are:

  • Scanning, enumerating, and fingerprinting
  • Eavesdropping
  • Evil-Twin Wi-Fi
  • Exploits
  • Lateral network infections
  • DNS hijacking

Scanning, enumerating, and fingerprinting -- Network scanning programs are used to retrieve information about networked devices. Common scanners will tell the attacker what types of devices are connected to the network (laptop vs. printer vs. cellphone), which operating systems they’re running (GNU/Linux, Mac OSX, Windows 10, etc.), and what services they are running. Once the attacker has scanned the network, identifying a list of targets and vulnerabilities, they can take actions to steal, control, or manipulate the data.

Eavesdropping -- Also known as a sniffing or snooping attack, happens when an attacker steals, modifies or deletes essential information that is transmitted over the public Wi-Fi network.

Exploits -- Attackers use exploits to attack a victim’s device directly to trick a specific piece of software running on the victim’s device into running a different task than expected. This can give the attacker backdoor access to the victim computer. Once the device is accessed, the attacker can disable their security software and steal their data by rerouting traffic to their own servers often unnoticed by the victim.

Evil-Twin Wi-Fi -- Evil-Twin Wi-Fi are fake Wi-Fi networks created by an attacker, mimicking a real network in its network name, otherwise known as an SSID. Once connected to it, users inadvertently send all traffic to the adversary before it’s forwarded to the internet.

Lateral Network Infections -- Malware and attackers often move laterally through networks and devices which have no “insulation” from their network. Malware is written to evade common AV engines, making traditional endpoint security software an imperfect solution.

DNS hijacking -- DNS requests are all of the website/domain names and Google searches typed into your browser. This traffic can be used to identify your browsing habits and other personally identifiable information, allowing an attacker to redirect or subvert DNS requests to malicious sites. To perform the attack, perpetrators either install malware on user computers, take over routers, or intercept or hack DNS communications.

“Security conference attendees need to pay attention to how they access the Internet over free Wi-Fi and use best practices - including ensuring that appropriate hardware and software security technology is in place before they go to the show - and use common sense,” said Katz. “Byos will be discussing the risks of the Dirty Half-Dozen at our RSA Conference 2020 booth and speaking slot in the Early Stage Expo (Booth ESE-24 and speaking slot at 9:30am, Feb. 25) and offer advice on how to protect your devices and data from threats that are not addressed by the current prevailing endpoint security measures.”

About BYOS

Byos is an endpoint security company based in Halifax, Nova Scotia, Canada and has a team with decades of combined defensive and offensive security solutions, on-demand incident detection and response services, personalized strategy planning and execution for hands-on public and private sector IT security clients.

The Byos Endpoint Security Platform is the first and only endpoint microsegmentation solution that allows employees and devices to safely and securely connect to any network, regardless of their location or network environment. The platform’s key component is the Byos μGateway™ - a small, portable “security stack on a USB stick” protecting devices from attacks that exist on dirty networks, while letting IT teams deliver cost-effective security management to the highest risk, highest frequency remote employees and connected devices through centralized provisioning and real-time remote policy enforcement.

The Byos solution is available for early access customers today and will be generally available later this year. For more, go to https://byos.io/.

View source version on businesswire.com:https://www.businesswire.com/news/home/20200218005756/en/

CONTACT: Dan Chmielewski

Madison Alexander PR

714-832-8716

949-231-2965

dchm@madisonalexanderpr.com

KEYWORD: UNITED STATES NORTH AMERICA CANADA CALIFORNIA MAINE

INDUSTRY KEYWORD: HARDWARE RETAIL SECURITY DATA MANAGEMENT TECHNOLOGY OTHER CONSUMER LODGING TRAVEL TELECOMMUNICATIONS SOFTWARE NETWORKS FOOD/BEVERAGE CONSUMER INTERNET MOBILE/WIRELESS

SOURCE: Byos, Inc.

Copyright Business Wire 2020.

PUB: 02/18/2020 10:37 AM/DISC: 02/18/2020 10:37 AM

http://www.businesswire.com/news/home/20200218005756/en