It’s fair to say that we have all been spending less time jumping onto Wi-Fi hotspots at cafes, hotels, airports or company guest networks, over the last sixth months. But as lockdown measures were eased, we saw more people looking for a change of scenery in coffee bars and pubs offering workspaces.
Whether at home or out and about, Wi-Fi has become something we have come to rely on for work and pleasure, while mobile operators increasingly use ‘hand-over’ to W-Fi networks as a way of meeting demand for capacity. But our need for anytime, anyplace connectivity, means that we are inclined to jump onto Wi-Fi hotspots with only passing concerns about security, creating a perfect hunting ground for attackers.
Hotspots that require no passwords and don’t use encryption mean that anyone with a simple packet sniffer can potentially pick up your login credentials to sensitive websites and applications. Hotspots that require a ‘password of the day’ are encrypted but a sophisticated Wi-Fi attacker can decrypt the traffic using easily available Wi-Fi hacking toolkits. And of course, the risks from hotspots are compounded when access devices are personal and unmanaged by Mobile Device Management (MDM) systems that can enforce security policies. Anyone deploying a Wi-Fi network should be aware of these top eight Wi-Fi risks.
Wi-Fi Password Cracking
Wireless access points that still use older security protocols such as WEP, make for easy targets because these passwords are notoriously easy to crack.
Rogue Hotspots
Nothing physically prevents a cyber criminal from enabling a foreign access point near your hotspot with a matching SSID that invites unsuspecting customers to log in. Users that fall victim to the rogue access point are susceptible to a malicious code injection that often goes unnoticed.
Evil Twins
It’s possible to mimic a hotspot using portable hardware such as The Pineapple, which is small enough to be stored in a backpack and costs as little as £150. This pretends to be the genuine Wi-Fi connection – so when an unsuspecting user connects, they are actually connecting to a hacking device.
Planting Malware
Customers who join a guest wireless network are susceptible to unknowingly walking out with unwanted malware, delivered from bad-intentioned neighbouring users. A common tactic used by hackers is to plant a backdoor on the network, which allows them to return at a later date to steal sensitive information.
Data Theft
Joining a wireless network puts users at risk of losing private data and documents. In retail environments, attackers focus their efforts on extracting payment transaction details such as credit card numbers, customer identities and mailing addresses.
Eavesdropping
Guests run the risk of having their private communications intercepted, or packet sniffed, by cyber snoops while on an unprotected wireless network.
Inappropriate and Illegal Usage
Businesses offering guest Wi-Fi risk playing host to a wide variety of illegal and potentially harmful communication. Adult or extremist content can be offensive to neighbouring users and illegal downloads of protected media leave the business susceptible to copyright infringement lawsuits.
Bad Neighbours
As the number of wireless users on the network grows, so does the risk of a pre-infected client entering the network. Mobile attacks, such as Android’s Stagefright, can spread from guest to guest, even if victim zero is oblivious to the outbreak.
Avoiding the security threats
There are best practices, which will help create a Trusted Wireless Environment. The first is to implement WPA2 Enterprise (802.1x) security protocol and all Wi-Fi traffic should also, at a minimum, be inspected for viruses and malware, including zero-day threats and advanced persistent threats. Application ID and control will monitor and optionally block certain risky traffic, while web content filtering will prevent unsuspecting users from accidentally clicking a hyperlink that invites exploitation, malware and backdoors to be loaded into your network.
Other measures include using strong passwords and changing them regularly, scanning for rogue Access Points (Aps) and whitelisting MAC addresses when possible. Finally, narrowing the Wi-Fi range will also reduce your risks.
The speed of Wi-Fi adoption has led to a disconnect between access and security. Many early APs and corresponding management systems focused purely on getting clients to connect with limited attention to protecting users and their data. But there is no longer any excuse for providing unsecure Wi-Fi and we shouldn’t have to feel we are living dangerously whenever we log on to a Wi-Fi hotspot.
Contributed by Martin Lethbridge, senior engineer at WatchGuard Technologies
