Page 60 - Cyber Warnings
P. 60
Wi-Fi Security Worries and the Critical Nature of Classification
By Ryan Orsi, Director of Strategic Alliances at WatchGuard Technologies
Open public Wi-Fi hotspots are experiencing explosive growth. According to Cisco’s latest
Visual Networking Index Forcast, by 2020, public Wi-Fi hotspots will reach 432 million – nearly
seven times the total in 2015. To most, this figure wouldn’t come as a shock. You’d be hard
pressed to find an airport, store, hotel, gym or coffee shop in business today that doesn’t
provide public Wi-Fi. The rise of connected or “Internet of Things” (IoT) devices and cellular
offloading onto Wi-Fi as a method of easing capacity demands are a few strong drivers of this
growth. The ubiquitous nature of wireless connectivity itself has resulted in seeding Wi-Fi radios
into almost everything around us: smartphones, laptops, tablets, watches, TVs and even cars.
In fact, Gartner estimates that 26 billion IoT devices will be connected by the year 2020.
It’s safe to say that the widespread proliferation of Wi-Fi hotspots and connected devices makes
our lives easier. But as convenient as anytime access to Wi-Fi may be, when everything is
connected to everything, there are very real security concerns to consider.
Understanding Wi-Fi Security Risks
In a world consisting of only your laptop and a Wi-Fi access point, you’re perfectly safe checking
your bank account balance over a public hotspot. The main security risk with public Wi-Fi is the
risk of a third party diverting your Wi-Fi traffic either on its way to the internet or back to your
client device. This strategy is called a man-in-the-middle (MitM) attack and has been well-known
since the original release of Wi-Fi. A MitM attack allows malicious hackers to examine the
wireless traffic, login credentials, credit card numbers or other personally identifiable information
being used by people who are unknowingly connected to a rogue access point.
When you connect your smartphone, tablet, laptop, or even a smart watch to a public Wi-Fi
hotspot, the name or SSID of that hotspot is typically automatically saved so that the next time
you walk back into that same establishment, your device will conveniently re-connect on its own.
But, once you leave that airport or coffee shop, your smart devices continue to send out probe
requests in the air looking for the SSID of the hotspots on your “auto connect” list. A Karma
attack is one that takes place when an attacker takes advantage of your device’s automatic
beaconing and attempts to use a spoofed SSID to connect you to a rogue access point under
their control.
Bad actors are known to dwell in public Wi-Fi areas frequented by employees of investment
banks, technology companies, and healthcare organizations in order to target them with a MitM
attack. This is typically done by forcing the Wi-Fi clients off the legitimate access point
broadcasting the hotspot SSID and pulling them onto the rogue access point that also is
imitating the same hotspot SSID. The client connection disruption is minor and falls within the
60 Cyber Warnings E-Magazine November 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
