Menu
Prevent pricey Wi-Fi security errors

Prevent pricey Wi-Fi security errors

An innocent-looking cafe may harbor a nest of fraudsters, identity thieves and other miscreants, security experts warn.

Although companies may think they have taken all the right steps to secure their networks, they could still be vulnerable if their employees access wireless hotspots, such as those at a local cafe.

In a report issued by security vendor Fortinet Inc., Richard Hanke, U.S.-based vice president of product management, says most mobile users do not realize that once connected to a wireless hotspot, they become a member of a connected community of users - most or all of whom are strangers.

And he warns this poses significant security risks as there is often little or no control of what can pass from user to user via a wireless access point, and that can have disastrous consequences.

"A hapless, latté-sipping web surfer can easily become infected with a virus or worm that has been picked up by a neighboring user," writes Hanke.

But he says the real damage occurs when the newly infected user returns to work and connects to the organization's wireless access point.

A worm picked up during the coffee break can then race unhindered into corporate networks and could cause significant damage.

"That innocent cup of coffee just cost your company thousands of dollars and sent you scrambling to clean the network," states Hanke.

Local security guru Tony Krzyzewski, managing director of Kaon Technologies, says the risks posed by wireless cafes are no different to those faced with any other method of connecting to the internet.

Although the risks can be reduced by basic security precautions, Krzyzewski warns that portable computers are one of the most common carriers of threats into corporate networks.

"Which is why it is absolutely essential to have a personal firewall, spyware control and antivirus up to date on portable computers," he says.

But John King, managing director of Auckland security specialist Expert Solution Providers (ESP), says wireless networks are dangerous because they are a shared medium.

"If users are not sitting in their own WLAN [wireless local area network] or using encryption to talk from the client to the access point, then all the traffic is visible to all the users," he says.

"You would need nothing more complicated than a copy of a serial freely available on the internet to capture packets."

Meanwhile, Hanke warns once a user is authenticated and connects to a wireless access point, the wireless channel - even if encrypted - can easily deliver content threats into the wired network, from inside the organization's typical perimeter defenses such as a firewall.

King says many wireless hotspots are not based on a meshed network where the user is dropped in a WLAN with a sign-on and an encrypted link.

"A lot of wireless networks are easy to set up. The problem is control of access points. Most internet cafes spend $149 on an access point, which gives you nothing in terms of security," he says.

By using tools freely available on the internet, King says, hackers could access a wireless network's SSID (service set identifier) - which uniquely names that network - in 45 seconds, and bypass filters on access points in five minutes.

This leaves users open to virus or worm infections and denial-of-service attacks, while sensitive data can be intercepted.

"A personal firewall will prevent other people from getting to you on that wireless network, but it won't prevent your traffic being grabbed," he says.

Krzyzewski says that although organizations know of these dangers, there is still some room for improvement in how they protect themselves.

"The majority of organizations are aware of these risks - how they actually control them varies dramatically," he says.

"We always recommend you put adequate protection on the remote machine and if those machines are connecting to the corporate network you put adequate defense and authentication methods in place to protect the connection back into the organization."

Krzyzewski and King agree with Hanke that multiple layers of security - residing at the network gateway, on internal servers and on individual clients or endpoints - are required to offer complete protection, while education is the first step in establishing all those barriers of security.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Featured

Slideshows

Meet the leading female front runners of the Kiwi channel

Meet the leading female front runners of the Kiwi channel

Reseller News honoured the leading female front runners of the New Zealand channel at the 2018 Women in ICT Awards (WIICTA) in Auckland. The awards honoured standout individuals across seven categories, spanning Entrepreneur; Innovation; Rising Star; Shining Star; Community; Technical and Achievement.

Meet the leading female front runners of the Kiwi channel
Meet the top performing customer-centric Microsoft channel partners

Meet the top performing customer-centric Microsoft channel partners

Microsoft honoured leading partners across the channel following a year of customer innovation and market growth in New Zealand. The 2018 Microsoft Partner Awards recognised excellence within the context of the end-user, spanning a host of emerging and established providers.

Meet the top performing customer-centric Microsoft channel partners
Reseller News launches new-look Awards at 2018 Judges’ Lunch

Reseller News launches new-look Awards at 2018 Judges’ Lunch

Introducing the Reseller News Innovation Awards, launched to the channel at the 2018 Judges’ Lunch in Auckland. With more than 70 judges now part of the voting panel, the new-look awards will reflect the changing dynamics of the channel, recognising excellence across customer value and innovation - spanning start-ups, partners, distributors and vendors.

Reseller News launches new-look Awards at 2018 Judges’ Lunch
Show Comments