Coro Cybersecurity received an AAA Rating from SE Labs for Enterprise Advanced Security Protection. Read the report
Coro Cybersecurity

How Good Wireless Visibility Can Beat the Rogue Access Points

January 26, 2017

With wireless security, it’s all about visibility. Look around a coffee shop, airport, or even an office building and it’s impossible to miss all the smartphones, tablets and laptop computers. Just about everyone has a wireless device.

But the downside to all these devices – and thus the downside to BYOD also – is a security threat that’s not clearly visible: rogue access points. The proliferation of mobile devices prompted a surge of wireless access points, enabling people to connect anywhere and at any time.

While an abundance of access points – including the hot spots on personal devices – helps productivity, it also allows fake ones to hide in plain sight and exposes a company network to malicious activity. Unfortunately, cybersecurity teams can’t see, let alone monitor, every fake network service that their employees unknowingly connect to, whether those rogue access points are in a coffee shop or under the company roof. It’s an enormous blind spot that puts organizations at significant risk.


Many Rogue Access Points, but not Enough Security Sense

Hijacking access points is easy. A wireless device, usually connects to a Wi-Fi access point with the strongest signal. If a hacker with a fake access point sits between the access point to a legitimate Wi-Fi signal and an employee who unwittingly will connect to an unverified source, the device can be compromised.

Previously, only governments or hackers with massive resources and knowledge  could establish an access point, but with open-source software, hackers can cheaply and easily create malicious Wi-Fi or Cellular access points to intercept wireless communications.

There are more than 76 million commercial and community hotspots, combined, in the U.S., and more than 179 million total worldwide. It’s difficult to pinpoint how many hotspots are fake, but security experts believe there is an increase in man-in-the-middle attacks such as those carried out by rogue access points.

The prevalence of fake Wi-Fi hotspots has done little to strike caution into the hearts of mobile device owners. Instead of wondering if they’re connecting to a legitimate and trustworthy source, few people question basic security: more than 60% of people think their personal information is protected when using public internet and about 50% are unaware they are responsible for securing their own data.

Most of the time, users pay little mind to Wi-Fi security until they have had their personal information stolen and their employer’s assets compromised through a man-in-the-middle attack.  It happened last year when millions of college basketball fans unknowingly put their personally identifiable information at risk by using a popular but unsecure CBS Sports app during the frenzy of the NCAA March Madness tournament.

And it can happen right in the office. A majority of unknown-but-connected access points are installed by employees for the sake of convenience, usually without Wi-Fi authentication or encryption.


Wireless Security that Clearly Sees Risk

Despite the known risks of wireless communications, enterprises still need to invest more in visibility and control.

Many companies continue to focus on the upper layers -- application, presentation, session – of the OSI Model while paying little attention to the lower layers – transport, network, data link and physical – that handle formatting, encoding and transmission of data over the network. It’s not that IT security doesn’t recognize the vulnerabilities of the lower layers, it’s just that they’ve been busy protecting the upper layers.

Security teams of course, don’t want to impede productivity and growth with draconian security policies that all but tether devices to office desks and hardline network connections. Consistent training about the use of free Wi-Fi hotspots and automatic connections can diminish risk, but as those surveys showed, people will still use unsecure public Wi-Fi or a friend’s mobile hot spot when in a rush to get connected.

Enterprises can finally get a strong visual on rogue access points by using a network security solution that can not only see those fake access points, but also trace their network connectivity, estimate their physical location and examine visible Wi-Fi parameters to automatically respond to any threats they pose.

Clear and accurate wireless visibility should be a priority for all companies. Staying on top of wireless is only going to get more complicated: Intel says the number of connected devices could surge to 200 billion by 2020, and Cisco and Microsoft have both predicted 50 billion devices will be connected to the Internet by 2020.

Enterprises need a solution that manages, controls and enforces security policies on wireless devices at any time and also allows employees to connect to any device from any location, access any service and maintain privacy without any inconvenience. Coronet offers this exact level of visibility and control; contact us to learn more.