#TuesdayTips - Delivering secure Wi-Fi

Posted 24 January 2017 by Ben Salisbury

For households and businesses having access to and receiving safe and secure Wi-Fi is important but with a host of threats network security is vital

Wi-Fi is increasingly important for all of us whether we are at home, at work or out and about.

Receiving reliable Wi-Fi is not just a nice added extra these days, for most households it is a vital element that greatly contributes to their quality of life and can have added importance if it means working from home is an option.

Every household is different but in ours of two adults and two teenagers, the pressure put on the broadband signal can be intense with laptops, games consoles, online TV services, smartphones and computers all fighting for the bandwidth at the same time.

The area we live in does not have a particularly good broadband signal so at times, we have to move devices to get a signal or use boosters to plug in, one near the router and one near the computer to get a decent Wi-Fi connection, which is obviously an extra cost.

There are plenty of other factors to consider when using Wi-Fi away from the home, not least security issues when you connect to Wi-Fi in public spaces such as internet café’s, pubs and airports and for businesses making sure they are protected from malware and viruses and that their Wi-Fi hotspot is secure and does not allow threats through.

Tony Evans from Wick Hill highlights the risks of Wi-Fi and provides some advice for delivering a secure hotspot.

Wi-Fi is on the top of the list of must-haves for businesses of all types and sizes. People will simply vote with their feet if good and, usually free, Wi-Fi is not available.

But this demand for anytime, anyplace connectivity can mean that some of us are prepared to jump onto Wi-Fi hotspots at cafes, hotel, airports or company guest networks, with only a fleeting consideration of security – a fact that has not gone unnoticed by cyber criminals. There are over 300,000 videos on YouTube alone explaining how to hack Wi-Fi users with tools easily found online.

Risks from unprotected Wi-Fi:

Wi-Fi password cracking

Wireless access points that still use older security protocols such as WEP, make for easy targets because these passwords are notoriously easy to crack. Hotspots that invite us to log in by simply using social network credentials are increasingly popular, as they allow businesses to use demographic information such as age, gender and occupation to target personalised content and advertisements.

Eavesdropping

Without encryption, Wi-Fi users run the risk of having their private communications intercepted, or packet sniffed, by cyber snoops while on an unprotected network.

Rogue hotspots

Cyber criminals can set up a spoof access point near your hotspot with a matching SSID that invites unsuspecting customers to log in leaving them susceptible to unnoticed malicious code injection. In fact, it is possible to mimic a hotspot using cheap, portable hardware that fits into a backpack or could even be attached to a drone.

Planting malware

There are common hacking toolkits to scan a Wi-Fi network for vulnerabilities, and customers who join an insecure wireless network may unwittingly walk away with unwanted malware. A common tactic used by hackers is to plant a backdoor on the network, which allows them to return at a later date to steal sensitive information.

Data theft

Joining an insecure wireless network puts users at risk of losing documents that may contain sensitive information. In retail environments, for example, attackers focus their efforts on extracting payment details such as credit card numbers, customer identities and mailing addresses.

Inappropriate and illegal usage

Businesses offering guest Wi-Fi risk playing host to a wide variety of illegal and potentially harmful communications. Adult or extremist content can be offensive to neighbouring users, and illegal downloads of protected media leave the businesses susceptible to copyright infringement lawsuits.

Bad neighbours

As the number of wireless users on the network grows, so does the risk of a pre-infected client entering the network. Mobile attacks, such as Android’s Stagefright, can spread from guest to guest, even if the initial victim is oblivious to the threat.

Best practices

There are established best practices to help secure your Wi-Fi network, alongside a drive, from companies such as WatchGuard, to extend well-proven physical network safeguards to the area of wireless, providing better network visibility to avoid blind spots.

Implementing the latest WPA2 Enterprise (802.1x) security protocol and encryption is a must, while all traffic should, at a minimum, be inspected for viruses and malware, including zero day threats and advanced persistent threats.

Application ID and control will monitor and optionally block certain risky traffic, while web content filtering will prevent unsuspecting users from accidentally clicking a hyperlink that invites exploitation, malware and backdoors to be loaded into your network.

The use of strong passwords, which are changed frequently, should be encouraged, along with regular scanning for rogue Access Points (Aps) and whitelisting MAC addresses, when possible.

WatchGuard’s latest cloud-managed wireless access points also have built-in WIPs (Wireless Intrusion Prevention System) technology to defend against unauthorised devices, rogue APs and malicious attacks, with close to zero false positives.

While WIDs (Wireless Intrusion Detection Systems) are common in many Wi-Fi solutions, WIDs require manual intervention to respond to potential threats. This may be OK for large organisations with IT teams that can manage this, however WIPs is a fully-automated system, which makes it far more attractive to SMEs and organisations such as schools and colleges.

It is clear that Wi-Fi is here to stay and is becoming much more than simply a way to get online. While the rapid speed of Wi-Fi adoption has led to a disconnect between physical and wireless security, this is now changing and there is no longer any excuse for providing insecure Wi-Fi.


Winter home insurance tips
3 January 2017
As winter exterts its grip it is important to ensure that your home is insured against the various threats that come from the cold weather...Read more
Tips
21 August 2015
Kitchens and bathrooms are two of the most important selling points of a property, and are also among the most popular update and extension proje...Read more
Tips
Redrow allows buyers to reserve in comfort at home
21 May 2019
Redrow Homes formally introduces a system that lets buyers of its homes legally complete the reservation of a new home online.Read more
Today's New Homes
Search  


Click here to see your activities