How To Stop Hacking of Your WiFi in 2017

It’s 2017, and we’re not any further along with Wi-Fi security than we were 10 years ago. There are Intrusion Detection Systems and 2nd generation antivirus apps to protect us from some vulnerabilities but the simple fact is that we find businesses that are still deploying wireless technology in ways that it should never be deployed.

Installing WiFi is like running Ethernet to your parking lot. It’s a cliche thing to say, but it is often true and very easy to hack in many cases. There is a known crack/hack method for most all wireless technologies on the market today and with easy to find “script kiddie tools” to assist those hackers with less experience!

If I can attack your network sitting in my car from the parking lot, what chance do you have? And 99% of the time I’m successful.

Lots of companies are moving to new offices that have wide open office layouts. Some may not have BYOD policies or wireless security plans in place, and anyone can bring their own device to work that you may not know about.

I’ve even seen some companies installing IoT devices like smart led light bulbs and thermostats. Even some security camera systems which are always running unsecured and on default passwords.

So what can you do to protect people from exploiting weaknesses in your wireless security networks and PWNing your company? Be sure if your business has WiFi Equipment that it is evaluated regularly by a professional technology firm such as Atlanta I.T. Service. New vulnerabilities are discovered and released on a continual basis so don’t take unneeded risks.

“We’re sorry, but your new password must contain an upper case letter, a number, a punctuation mark and a gang sign” : )
— Pwnie Express (@PwnieExpress) January 16, 2017

Be sure WEP does not exist in your infrastructure. WEP is the weakest of the weak for encryption but was a reaction to open networks early on. If enough packets are observed the key can be brute forced easily. Remember doing that like 15 years ago?
WPA/WPA2 PSK can be your friend. It’s mostly secure, but there are still things you need to lock down to be sure.
Create a plan on what to do when an attack happens. Develop and implement a wireless security policy. Be ready when you do detect a rogue device or when someone’s banging on your network from the parking lot.

Note: It’s a guest post written by Ken Savage from Pwnie Express for The Hacker News.

 



Recent Posts
Categories
Archives