Page 22 - Cyber Warnings
P. 22
The reality is that credential interception happens every day across Wi-Fi networks around the
world. It offers one of the highest rewards versus risk payouts for cybercriminals, and these
“little” hacks could have huge implications on the threat landscape. Consider this: if a senior
executive has his or her Gmail password intercepted while sipping a cappuccino and accessing
email on public “café” Wi-Fi, it’s not likely he or she knows they’ve been hacked. But, this
information could be used to gain access for a larger hack or breach. That’s why Wi-Fi hacking
is so scary.
If these attacks are so prevalent, why isn’t the industry doing more to prevent them? First, the
victims often don’t know they’ve been hacked. The public puts blind trust into these public
networks, which is surprising considering users can get passed off from their carriers to a public
network without knowing it.
Second, it’s really hard to trace these types of attacks due to the MiTM and the fact that it’s over
a public network. And third, AP vendors haven’t traditionally had a good solution for the
problem, so they’re not working to raise awareness.
If using public Wi-Fi exposes the public to a variety of security risks, and the MiTM attack is the
root of most Wi-Fi evil, what’s the solution? VPNs (Virtual Private Networks) can make
connecting safer, but not everyone knows how to use a VPN and it relies on the end-user taking
action.
Passwords on SSIDs can also help, but the four-way WPA2 handshake is easily decrypted in
minutes by GPU accelerators or other resources on the dark web.
What’s the answer?
In part two of this series titled “Defending Your Airspace,” I’ll explain how organizations can use
the latest technology to provide secure public Wi-Fi, and take the end-user out of the “security
equation.” In the meantime, be diligent when at the local mall or coffee shop.
About The Author
Ryan Orsi is Director of Product Management at WatchGuard, a global leader in network
security, providing products and services to more than 75,000 customers worldwide. Ryan
leads the Secure Wi-Fi solutions for WatchGuard. He has experience bringing disruptive
wireless products to the WLAN, IoT, medical, and consumer wearable markets. As VP
Business Development in the RF industry, he led sales and business development teams
worldwide to success in direct and channel environments. He holds MBA and Electrical
Engineering Degrees and is a named inventor on 19 patents and applications.
Ryan can be reached online at @RyanOrsi and at our company website
www.watchguard.com/wifi
22 Cyber Warnings E-Magazine – April 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide