You have no control to which wireless
networks your users connect, or how
risky those networks are

Every time your users, customers, or partners use Wi-Fi or cellular networks,
inside or outside your premises, they potentially expose your organization
to a wide range of threats that cannot be handled by traditional security
technologies.

Accessing a corporate resource via a compromised or malicious network is
exactly the same as unauthorized access – but for this current defenses’ do
not work.

Wireless attacks are one of the fastest growing security
threats and extremely easy to perform, especially in:

Public Places

Hotels, airports, sports arenas
and food courts.

Public Transportation

Trains, busses, airplanes

Corporate Offices

Both inside and around the
facility

Home networks

Traditional
security tools do
not protect your
organization from
wireless threats

Defense paradigms designed for wired networks do not protect you in the
wireless age. Even at the enterprise, having secure Wi-Fi does not eliminate
the risk of attack.

By creating a rogue network that looks exactly like the corporate network,
or luring devices onto a rogue cell circumvents all defenses. Devices are
programmed to trust wireless networks and the connections are mostly
automatic.

When in the office, devices are protected by many security layers and
corporate assets are protected from unauthorized device access, however
nothing prevents devices from connecting to risky networks.
We are protecting the network from rogue devices. It’s time we protect
devices from rogue networks

Wireless attacks can:

Facilitate Social Engineering

As the attacker controls the network, phishing, captive portal techniques, and DNS spoofing can be executed extremely easily.

Manipulate the device

As the attacker controls the network, phishing, captive portal techniques, and DNS spoofing can be executed extremely easily.

Exposing stored credentials

Taking over your device, including full access to email accounts, websites and social media accounts

Place malware on the device

As was successfully executed in the DarkHotel attack which impacted over 5,000 hotels Wi-Fi networks, malware was placed on users laptops which went undetected for over two years

Intercept & manipulate data traffic

Not only can attackers intercept all data transmissions to and from the device, they can also manipulate the data. This attack method is used for SMS two factor authentication circumvention

Use the device as a “Trojan Horse”

Converting the device into a “sleeper cell” that collects data while in the office, but exfiltrates it only while connecting through open public networks, circumventing all of the enterprise defenses

Access to assets on the device

By using the wireless vector, attackers can gain access to files, and even locally stored credentials giving them access to corporate resources.

Why can’t I trust my existing security platforms?

Current systems were not designed to defend against malicious networks

Current security practices treat wireless
networks as just the last mile in the
standard LAN/WAN.

Traditional technologies look at networks
as an infrastructure connecting between
nodes. As such, security is designed to
protect the user’s devices from attackers
connected to the same network as the
user, trying to divert the user from
legitimate network services to fake or
manipulated services. In the wireless era,
the network itself is the attacker. A
wireless access point (Wi-Fi or Cellular) is
not just a wall socket into which you plug
a computer.

A wireless network is a separate
environment that exists between the
device and the LAN/WAN.

In wireless networking, a malicious
wireless access point can be easily set,
and act as a full-fledged stand-alone LAN.
Once a connection is established, the
device is immediately exposed to
malicious network services, which appear
to be legitimate to standard security tools.
For example, a VPN is effective only after
it connects to the WAN – which gives the
attacker plenty of time to execute any
number of attacks between the time the
device connected to the malicious access
point, and the time the VPN established
connectivity to its host.

Despite corporate policy against
connecting to external Wi-Fi networks,
users will connect to such networks for
convenience reasons and out of
ignorance. Add to that the wireless
devices are designed to connect
automatically and trust the networks, and
the result is that you have little to no
control over to which network your users
connect.

x