A recent survey of financial districts found nearly 6% of Wi-Fi clients actively probing for the SSID Free Public WiFi because Wi-Fi users have been spreading this viral SSID to fellow travelers for three years now.
FRAUDULENT SSID LEADS TO ATTACKS
It can be tough to convince users — especially those challenged by shrinking travel budgets — to avoid the temptation and draw of free wireless Internet. When employers can’t or won’t pay for unlimited wireless Internet, employees get creative. Why should they waste thankless hours waiting for planes and trains when they could be using Free Public WiFi to catch up on mail, download iTunes, or watch a little Slingbox?
Unfortunately, Free Public WiFi isn’t what it sounds like. In most cases, this unsecured wireless network is actually being offered by a nearby laptop or smartphone. Any naive user who tries to connect may well succeed, but the ad hoc node (wireless peer) at the far end isn’t an on-ramp to the Internet. At best, it’s a wireless cul-de-sac; a dead end for IP packets. At worst, it’s a thief using KARMA to spoof destination servers, launch man-in-the-middle attacks and steal personal and business identities.
But why does Free Public WiFi exist on so many devices and in so many different venues? What can you do to mitigate this risk to your enterprise data?
1. Where practical, install wireless client upgrades that deter 802.11 probe request and/or ad hoc mode exploitation. For example, Windows XP and Server 2008 systems can be patched with Microsoft’s wireless client update to stop auto-probing for recently-added ad hoc SSIDs. (Windows Vista already deletes ad hoc SSIDs after disconnection unless otherwise configured.)
2. Unless your business actually requires ad hoc mode wireless, configure all wireless clients to disable this feature. If you must enable ad hoc mode, look for client options that will notify users when ad hoc connections are formed.
Click here to read the full report.
(Note: Browser will open a new tab or window)