Rogue Access Point: The Ghostly Attack Surface That You Are Missing

Who’s watching you?

WiFi, Bluetooth and IoT devices are by nature vulnerable to be infiltrated by hackers without being detected. As more and more connected devices enter the workplace and the majority of them being wireless, organizations are overlooking the increasing threat of wireless network attacks and failing to monitor rogue devices and protect their network access points.  

Wi-Fi/mobile upgrade entices enterprises to share more data, and hackers to steal them

The leap from Wi-Fi 4 (802.11n) to next-gen Wi-Fi 6 (802.11ax) is set to change the way we work and store data. This jump in speeds (54Mbps) makes next-gen Wi-Fi a viable option for organizations looking to transfer large volumes of data which in turn can open doors to hackers. Previously, where Wi-Fi are somewhat limited to the realms of smart devices and IoT (laptops, smart phones, tablets, watches), from 2020 it will finally be an avenue businesses explore for larger data volumes applications.

The newest mobile standard, 5G, is being rolled out across the world and promises big improvements in speed and reliability which adds additional complexities to the threat landscape. As hackers look to expose mobile-to-Wi-Fi handover processes, it’s very likely that we will see a large security vulnerability being exposed in 2020, affecting businesses as they allow IoT devices to connect to their network providing rogue access to dangerous hackers.

Attack surface on the rise

Misconfiguration and shadow IT are already a widespread problem and will most certainly get worse for organizations managing wireless security. Combined with the growing uptake of IoT devices, it’s easy to see how the new risks presented by reliance on wireless technologies within workplaces will increase. Organizations need to apply the same security fundamentals to protect their wireless airspace and prevent hackers getting in. Wireless security will become a shared responsibility between networking team and security, and the top wireless threats businesses should be prepared for in 2020 are:

1. Shadow IT
2. Misconfiguration on non-primary and/or temporary sites
3. Rogue Devices
4. IoT/Bluetooth devices
5. Rogue access

IoT is a security timebomb

As much as the proliferation of Internet banking and internet shopping has put the spotlight on security, so will the vast deployment of IoT devices. Recent data indicates there are 26.6 billion IoT devices currently in use in 2019 and the growth in use of at voice-controlled assistants and AI in 2019 has brought new focuss on how much of our information is being used for marketing or other ‘unknown’ uses. This offers new opportunities for hackers to harvest and gather data so it’s becoming essential for security teams to take control of their external airspace and maximize their security coverage.

Gaining visibility of the wireless airspace is something many organisations and security teams have struggled due to the volume and capabilities being restricted to network teams. However, as we see reports of successful wireless attacks increasing, annual pen testing of wireless for compliance will become redundant.

Growing threats of DDos attack and KeySniffers

The growing threat of Distributed Denial of Services (DDoS) attack, which are fueled by IoT botnets are a concern and more of us are unearthing attacks on wireless communications or access points (that includes Man-in-the-Middle attacks) and MitM attacks. In December 2019 a $1million wire transfer from a Chinese venture-capital firm intended for a startup was intercepted by hackers. Last year, some 40 million credit and debit card numbers were sold after hackers had compromised wireless computer networks of major retailers including Forever 21.

Wireless keylogging might be one of the oldest forms of cyber threat, however it is still a common form for hackers looking to steal your data. It’s cheap and easy to execute and we’ve seen hackers use hotel Wi-Fi to steal the data of business execs in China, Japan and Russia using key logging.

Don’t ignore Bluetooth – the danger is in the air

Bluetooth can be overlooked as an attack vector but this technology can be extremely harmful for businesses. The simple act of pairing devices (headphones, keyboards) to one another can provide hackers an entry to intercept and infiltrate your enterprise network. Sophisticated hackers with malicious intent have exploited several Bluetooth flaws to steal data or install malware, including BlueBorne, Bluetooth Low Energy Jamming and Bleedingbit. In May 2019 Google announced it would replace faulty Titan security keys due to a vulnerability detected in the keys' Bluetooth pairing process where hackers could take control of a user’s device.

Wireless Security: Starts with device monitoring

Just because you can’t see it doesn’t mean the risk is not there. It’s important for organizations to implement the same security checks to their wireless airspace as other areas of your infrastructure. Detecting rogue device access and having greater visibility of unknown devices will be key to helping you mitigate against IoT and wireless attacks in 2020. Be wary of poor configuration and password miss-management, as these are becoming major footholds for hackers into your organization.

2019 marks a year where perceptions and awareness of cyber attacks outpace prevention and action. Despite recent high-profile attacks, we are concerned that a “head in the sand” strategy continues to reign. We fear that those organizations not making the necessary cyber security investments won’t be able to hide forever.

High-quality tools like Pwn Pulse, our wireless security product, provide you with in-depth visibility over your network to detect rogue devices, that’s easy to deploy with an easy to use interface. More devices, especially those that are unsecured, can quickly cause problems and Pwn Pulse reduces the risk and eliminates complexities of evolving digital ecosytems.