Nowadays, specifically in this IoT era, Wi-Fi is becoming a standard that is under continuous improvement. The main researches are focusing on how to increase the speed, reduce costs or having more innovative way to exploit this technology such as Li-Fi (using the light as a Wi-Fi).Unfortunately, security is not a concern for these developments.
A Wi-Fi use a wide range cover to allow people to connect to it. Instead of traditional network where you need to connect with a cable, Wi-Fi can be connected within several meters’ distance from the box. (Allowing people outside your office to detect and connect to it)
Furthermore, most of Wi-Fi connection are also used for private devices and/or devices not capable to join a domain (logical perimeters that belong to your company and can setup security policies by default).
Your Wi-Fi name, on opposite to cable network, is only spread at a certain frequency, which is why sometimes you need to wait few seconds before seeing the network you are looking for.
Finally, most of the time, Wi-Fi isn’t physically disconnect from your primary network, in the best-case scenario it is only logically divided by subnetwork or security policies.
As I previously said, the detection range is a pain-point because it allows unexpected people to detect and connect to it. Even having your Wi-Fi hidden (Hidden SSID) is not a protection, several tools exists to detected and identified hidden Wi-Fi.
Oh yes! I forget the password… Wi-Fi password (It exist several kind of protocol) are generally not secured at all. The most used, WPA/WEP, can be cracked and find within minutes, the complexity of the password does not matter. (not really)
Worst of it, when joining a Wi-Fi, users are capable to choose by themselves the security level they want to apply (The famous home, company, public network option you have in Windows after joining a wireless network). It results, mainly, in the possibility to other Wi-Fi’ users to detect you and access your public folders in your computer. (yes, maybe you did not know that…)
A lot of trouble could result from this, malware, spying, data theft, etc… In my company, for security purpose, we have a box that can simulate Wi-Fi to catch users. As I mentioned, your Wi-Fi name is only spread at a certain frequency, our tools can analyze this frequency and send the same Wi-Fi name during the interval time. That will result in you connecting to the same Wi-Fi name but which is a different network. (have you ever experienced your regular Wi-Fi asking you again the password despite the fact you asked him to remember it…? Too bad because it could mean that it was a fake Wi-Fi…)
Now if I’m a real bad guy I will simulate an authentication portal after your connection and ask for your phone number or I will say a little speech like:
“ Dear users, our [COMPANY NAME], as decided to improve our Wi-Fi security, we are now requiring you to use your Windows authentication to access network”
You will input your ID password and Hackers will open internet to you… How wonderful, now they have plenty of credentials.
Let’s simplify this into three major risks (but there is a huge bunch of it):
As mentioned just before, Hackers will steal your credentials and use them to connect, legally, to your real network, or worse, connect to your enterprise application, servers or whatever (yes, most of the time company use the same unified ID/PWD management).
Is this case the hackers could only sniff the network to find appropriate target and deploy a malware that could leak data, encrypt your file, send technical information outside or only be sleeping until a desired time decided by the hackers.
Your Wi-Fi is also a good entry door for them because, as I mentioned, Wi-Fi security is weak and not physically disconnected to your physical network. It means that if they can hack your Wi-Fi they can change your configuration to modify the fact that your Wi-Fi is disconnected to your primary network…
Wi-Fi, sometimes, need to be deployed, however let’s try the following principles:
If it is a guest Wi-Fi, disconnect it, physically, to your primary network, using a specific and dedicated internet connection.
If it is an employee Wi-Fi, certificate can be a first security layer, however it can’t be the only one since certificate can be stolen and devices can be emulated. It also does not avoid fake Wi-Fi to introduce your employees’ devices.
The best way to guarantee your security is to strengthen the ID security using professional tools with 2 factors authentications excluding ID/PWD factor. (Mobile Device Management, Localization, behavior analysis, Third parties authentication, ...)
P.S.: My article picture show how Police unit are using Wi-Fi hacking system to detect people within a room they need to enter… (using their smartphones, even if not connected to Wi-Fi)
Original post: Wi-Fi, the most unsecure way to connect to your network.