Thursday, October 27th, 2016 by Tyler Okhovatian
Wi-Fi Is everywhere. Organizations across all industries are facing increased pressure from customers, vendors, and employees to offer wireless access. In many industries, such as hospitality having a reliable wireless network is pretty much a requirement of staying in business. While offering this service provides gains, there are multiple areas of consideration for the provider, including mobile engagement and analytics, hotspots, IoT (Internet of Things), and the widening cellular spectrum capacity gap. In this post, we’ll explore the most common threats to the security of a wireless network.
Wireless access points that still use older security protocols, like WEP, make for easy targets because these passwords are notoriously easy to crack.
Nothing physically prevents a cyber criminal from enabling a foreign access point near your hotspot with a matching SSID that invites unsuspecting customers to log in. Users that fall victim to the rogue AP are susceptible to a malicious code injection that often goes unnoticed.
Customers who join a guest wireless network are susceptible to unknowingly walking out with unwanted malware, delivered from bad-intentioned neighboring users. A common tactic used by hackers is to plant a backdoor on the network, which allows them to return at a later date to steal sensitive information.
Guests run the risk of having their private communications detected, or packet sniffed, by nosey cyber snoops while on an unprotected wireless network.
Joining a wireless network puts users at risk of losing private documents that may contain highly sensitive information to cyber thieves who opportunistically intercept data being sent through the network.
Businesses offering guest Wi-Fi risk playing host to a wide variety of illegal and potentially harmful communication. Adult or extremist content can be offensive to neighboring users, and illegal downloads of protected media leave the business susceptible to copyright infringement lawsuits.
As the number of wireless users on the network grows, so does the risk of a pre-infected client entering the network. Mobile attacks, such as Android’s Stagefright, can spread from guest to guest, even if victim zero is oblivious to the outbreak.
Mundane communication over Wi-Fi can lead to a breach when a villainous actor secretly intercepts and alters legitimate conversations.
Attackers can cause a standstill in Wi-Fi access by intentionally sending large amounts of traffic to legitimate access points, which disables the appliance from legitimate use.
Cyber criminals set on breaching Wi-Fi security commonly attempt to disguise their devices as legitimate or known devices by spoofing MAC addresses.
Deploying access points without following Wi-Fi security best practices can lead to inadvertent mis-configurations, which often leads to a security risk.
In our next blog post we will review methods to improve the security of a business wireless network.