How secure is my wireless network?

With smartphones and tablets a permanent part of people's lives, wireless connectivity is a mainstay for most corporate networks. BYOD (Bring Your Own Devices) is standard but it puts a new wrench in the cogs of your security. Traditional security for a local network behind a firewall isn't enough to properly protect a wireless network open to several devices and guests. You may think that your wireless access point is secure, but without a professional to review and test, you could be giving access to attackers.

Leaving default factory settings is more common than you think

In 2016, the world saw the biggest DDoS attack in history that slowed down Internet access for the entire East Coast of the United States. The attack stemmed from tens of thousands of hacked IoT devices and wireless routers with default factory settings including the manufacturer's default password. The result was that the attackers were able to bring a French telecom to its knees along with Dyn, one of the major DNS providers that host much of the Internet's DNS traffic. By taking down Dyn, services from the US to Europe were affected.

The attack was a new and innovative malware called Mirai. Mirai scans the Internet for IoT devices using default factory settings including wireless routers. What made it even more potent is that it actively attacked its predecessor and competing for malware, Qbot, which had been traditionally used to infect the same devices. It removed Qbot and stayed active on the device until a reboot. After a reboot, however, the device would be re-infected and become a part of the zombie network controlled by the attackers.

Any security professional will tell you that leaving a public wireless access point with default settings is a big mistake, but most people - including executives, administrators, and the average user - don't understand the implications of leaving wireless security open on their devices. Even worse, most people don't know the signs of a poorly secured router and what happens when their device becomes a part of a massive attack on the Internet itself or how to stop it.

Mirai creators have even made the source code public, and it's behind the latest 100,000-device botnet locked and loaded and ready to attack at any time.

Endpoint Security and Your Own Wireless Access Points

In many security incidents, the local administrators and security are competent. The weakness is in the users who have unfettered access to data. Phishing emails sent directly to key personnel leave the local machine open to attackers who then use the employee's own credentials to access the network.

With BYOD policies, it becomes especially tricky for security administrators to protect the network. Take smartphones, for instance. Just about every user has a smartphone or tablet. Users bring theirs to work and have complete control of what apps are installed. It's their personal device, so network administrators are unable to control applications installed. Take a look at search results for Google Play and the massive amount of malware that sneaks into the network. Some apps filled with malware have been downloaded millions of times. This malware could potentially scan your local network when users connect to a wireless device and drop a copy of itself on a network drive.

Some corporations segment wireless access points from the rest of the network. With public access points, the wireless network should always be separated from the local network by a firewall. Never allow public access to a router within the local network. This means that users won't be able to access local data, but it also means malware can't silently copy itself to a corporate drive that could later be used by an unsuspecting corporate user.

Encryption, Passcodes, and SSIDs

Many ISPs provide wireless routers with WPS (Wi-Fi protected setup). WPS is supposed to make it easy for the average consumer to install their router and set up security without any of the manual configurations. As most security people will tell you, security has the inherent problem of providing secure access when needed without inhibiting productivity. Unfortunately, to secure a network often means that security procedures are not convenient.

WPS creates its own vulnerabilities. These devices have an 8-digit pin security password attached to them that allows users to conveniently set up WPA wireless encryption. The issue is that known password lengths are a security vulnerability. It tells an attacker that a finite number of digits are used to protect the router, so they can use combinations with a limited data set using brute force attacks.

Just like many users leave default passwords active, they also don't encrypt their wireless connection. If no password is active on your router, it creates a large security threat. Another option is to stop broadcasting your wireless access point's SSID, which will hide it when a user browses available connections, but a crafty attacker can use tools that find hidden SSIDs. These tools can be used by attackers, but you can also use them to assess your own wireless security. Some insider threats include an attacker connecting a wireless router to the network and hiding it by disabling SSID broadcasting.

For years, security experts told users to set up WPA2 wireless encryption, but it's recently been cracked. Routers with wireless access using WPS and WPA2 security are especially vulnerable because a tool named Reaver cracks passwords on them. The solution is to remove WPS and use long passwords for your WPA2 security.

Auditing and Logging

For healthcare businesses and any organisation that stores credit card data, you should be familiar with HIPAA and PCI compliance. Both guidelines require auditing and logging. Your router should provide even standard logging to backtrack and review suspicious behavior. If you don't have logging set up, you could be out of compliance. Logging helps you identify attacks. Without it, you could be a victim in the dark unknowingly a target for an attacker that has been scanning your wireless network security.

Logging also helps you audit previous attacks. With logging, you can review what went wrong, how the attacker got through, and provide better filters in the future.

In many cases, logging helps you identify open unused ports. These ports are usually unmonitored because you don't offer any services for them. However, they can be used by attackers that can connect to the wireless router and then access the local network based on router settings. Always close unused ports, and doing an audit of the logs can tell you which ones are used even though you have no services running.

Wireless networks should be a priority for a security review

If you haven't reviewed wireless security and have a BYOD policy, it's time to have professionals review your security. It could be that you need additional infrastructure, or you could just need a few better security configurations to make your wireless security airtight in case of an attack.

Security incidents cost billions every year in reparations, legal fees, and brand damage. It should be a priority for any organisation. BlackStone Associates can help.

What next?

BlackStone Associates offer a 360-degree approach to technology solutions and services in the areas of audio visual, network, security, Wireless/Copper infrastructure and Consulting & Advisory.

If you would like to find out more about how our IT services can protect and grow your business, click here to book your free consultation call.

About BlackStone Associates

Established in 2014, BlackStone Associates is a leading provider of IT solutions and critical IT Support in Berkshire, Buckinghamshire, Middlesex, Surrey & London. Offering a complete portfolio of innovative and robust IT services that enable businesses, of all sizes and sectors, to create modern-age, digital workspaces, that are designed to scale and support the current and future demands of its workforce.

As a vendor independent company, our loyalty is soley to you, our customer. Consequently, customer satisfaction is at the heart of BlackStone Associates' success, with its ability to deliver tailored IT and network solutions at an affordable price.

With an expert team of engineers and support staff with 20 years of experience, it's no wonder why many businesses & organisations trust BlackStone Associates to design, implement, manage and support their IT operations.

Previous

||

Resources

||

Next: What are the business benefits of upgrading to Windows 10?

Why choose BlackStone Associates as your IT partner?

Maximise your IT investments

Cost effective & scalable solutions

Technology roadmap & planning

Quick resolution of IT issues

Technology aligned to your goals

Book a free consultation now

How can we help?

01753 369 701

contact@ba-tss.co.uk

BlackStone Associates implemented systems & controls that eliminated hours of downtime we had experienced with past vendors. They consistently recommend the most cost effective systems/procedures and constantly look out for our company's best interests.

Associate
Bradley James Executive Search

Business critical IT Support

For IT advice and guidance, or to enquire about our IT support and maintenance services, please contact us and a member of our team will be happy to help you:

01753 369 701

contact@ba-tss.co.uk

Fast response times

Instantaneous and direct phone access

Highly flexible and cost-effective

Specialist capabilities and experience

Aligned and scalable to your business

Gain a fresh perspective on your IT needs

Book a free IT assessment with BlackStone Associates today and we will find you new, innovative and easy-to-implement IT solutions which make your business operations run more smoothly.

Request an assessment
london-it-support