The current high rate of mobile users warrants that wireless access users, especially business users, should know how to protect their wireless access points.
First of all, regular business travelers, high-tech adventurers, or those who just love traveling are increasingly vulnerable to unique cyber security threats. This is even more dire in the case of busness travelers because they often carry sensitive data that may be personal or business related.
And most noteworthy, this sensitive data reside on a variety of devices from laptops, tablets, and smartphones to other smart devices such as wearables and home appliances.
A recent survey of financial districts found a high percentage of Wi-Fi clients actively probing for “Free Public WiFi”, and cyber criminals create fake wireless access points (SSIDs), hoping that unsuspecting users will log into one of these.
Fraudulent SSIDs Can Lead To Wireless Access Points Attack
It can be tough to convince users — especially those challenged by shrinking travel budgets — to avoid the temptation and draw of free wireless Internet access. When employers can’t or won’t pay for unlimited wireless Internet, employees get creative. Why should they waste thankless hours waiting for planes and trains when they could be using Free Public WiFi to catch up on mail, download iTunes, or watch a little Slingbox?
Unfortunately, Free Public WiFi isn’t what it sounds like. In most cases, these unsecured wireless networks are actually being offered by a nearby laptop or smartphone. Any naive user who tries to connect may well succeed, but the ad hoc node (wireless peer) at the far end isn’t an on-ramp to the Internet. At best, it’s a wireless cul-de-sac; a dead end for IP packets. At worst, it’s a thief using specialized software to spoof destination servers, launch man-in-the-middle attacks and steal personal and business identities.
But why does Free Public WiFi exist on so many devices and in so many different venues?
What can you do to mitigate this risk to your Wireless Access Points?
- Avoid unencrypted Wi-Fi networks. If at an Internet cafe, or a hotel, ask about the Wi-Fi security protocol used before connecting to the Web.
- Where practical, install wireless client upgrades that deter wireless connection probe request and/or ad hoc mode exploitation. For example, Microsoft Windows desktop and server systems can be patched with Microsoft’s wireless client update to stop auto-probing for recently-added ad hoc SSIDs.
Newer Windows operating systems already delete ad hoc SSIDs after disconnection unless otherwise configured.
- Unless your business actually requires ad hoc mode wireless, configure all wireless clients to disable this feature. If you must enable ad hoc mode, look for client options that will notify users when ad hoc connections are formed.
- Install and use a reputable virtual private network (VPN) service on all mobile devices and computers before connecting to any Wi-Fi network.
A VPN creates a “secure tunnel” where information sent over a Wi-Fi connection is encrypted, making data sent to and from your device more secure.
By using a secure virtual private network (VPN) on your smartphones and computers, your web traffic will be encrypted and your data will be safe from interception by a hacker.
- Have malicious website blocking enabled on your browser. While newer web browsers have some form of malicious site blocking built-in, using plugins like the NoScript security suite on Firefox, for example, can help with this.
- At the very least, have the built-in firewall of your operating system activated. Linux, MacOS, and Windows have built-in firewalls.
Your wireless access points may not be secure, and public Wi-Fi isn’t always safe. Without the right protection, your personal information could become public.
For a free report on how to fully protect your business network and mobile users from the perils of the Internet and bogus wireless access points, send a request for our “Safe Wireless Networking” free report here.