TechGuard Blog

Lock Hackers Out of Your Company's Wi-Fi

Wi-Fi technologies have created a world in which we can stay connected almost any time and anywhere. In fact, around the globe Wi-Fi has changed people's attitudes about where, when and how we work. According to researchers, more than two-thirds of people around the world work outside their office at least once every week. Even more, over 50% of people work remotely at least half of the week. Telecommuting has completely transformed the way we do business. More and more, businesses are seeking to reap the benefits of remote employees who are often times more productive workers and report higher job satisfaction.

However, with a reported 3.95 billion internet users it is important to remember that Wi-Fi technology is a perfect attack vector for malicious actors. Hackers are extremely opportunistic by nature and they look for any exploitable avenue they can to gain access to sensitive data.

 

He was Hacked Mid-Air

The stories of people getting hacked online are endless. One story that comes to mind is when a reporter was hacked during his flight. He was answering emails and a fellow passenger shared details with him informing him that he hacked into his computer as well as many others aboard the flight. The truth is it can happen to anyone in any place. It is crucial for businesses to be proactive. Take the necessary precautions to secure your company and to protect your company's reputation.

To successfully mitigate Wi-Fi risks, you must first understand them. For example, attackers use a combination of passive and active attack methods in an attempt to gain unauthorized access into your network. It is commonly known that hackers often target misconfigured, weak or vulnerable access points. However, there are many other points of entry that hackers use to completely bypass your perimeter defenses.

 

Watch out For These 7 Methods

  1. Rogue Wi-Fi networks: Rogue access points can completely bypass your perimeter defenses. Attackers ensure the rogue access points are enticing to employees, thus making it easy for them to gain access to valuable data.
  2. Man-in-the-middle attacks: Third parties can intercept data when connecting to free, public Wi-Fi. Hackers can easily position themselves between the Wi-Fi and the connection point.
  3. Distribution of malware over unsecured Wi-Fi: Unsecured Wi-Fi connections can be used to distribute malware infecting the software on your computers and devices.
  4. Snooping and sniffing: Special software kits enable hackers to eavesdrop on Wi-Fi signals. Specifically, these kits allow hackers to access everything your remote workers are doing online, potentially enabling them to capture login credentials and even hijack your accounts.
  5. Ad-Hoc attacks: The use of public Wi-Fi networks makes it possible for hackers to connect directly to the devices of remote workers.
  6. Password and username vulnerability: Logging onto public Wi-Fi leaves you and your employees vulnerable to having passwords and usernames stolen.
  7. Worm attacks: Unlike viruses, worms do not need a specific program to attack, they can wreak havoc all on their own. When connected to Wi-Fi, you risk a worm traveling from another device connected to the same network as yours.

 

What Can You Do to Secure Your Company's Wi-Fi?

First, and foremost, engage a third-party to perform a Wi-Fi Access Point Assessment. TechGuard's Wireless Access Point (WAP) Assessment attempts to identify vulnerabilities or weaknesses in your wireless network through:

  • Detection and identification of available network access points (both valid and rogue access points)
  • Evaluation of Access Point (AP) configurations
  • Evaluation of Wireless Authentication and Encryption standards
  • Analysis of security gaps

 

Additional Best Practices to Implement

  • Set up a virtual private network (VPN) for your company's network. In addition, require all remote workers to always log into the VPN.
  • Advise remote users to turn off Wi-Fi auto connect settings in addition to Bluetooth discoverability settings.
  • Ensure all remote workers have a firewall enabled on devices at all times.
  • Confirm that your network and all employee devices are using good anti-malware software.
  • Avoid the use of public Wi-Fi altogether by using a mobile hotspot provided through your mobile carrier or tether laptops to a mobile device.
  • Include the topic of internet usage in your company's security policies and follow up with Human Resources to determine how to ensure compliance.

 

Wi-Fi can allow others to gain access to important emails, encrypted messages and unsecured logins. When cyber criminals get their hands on that type of information, they use it to hack your devices and cause devastating consequences. The action steps mentioned above are important ways to keep your network secure. Regularly educate employees so they understand the risks and the importance of taking protective steps. Overall, the combination of implementing employee education and testing your security technology is necessary to keep hackers out.