Top Five Wireless and IoT Threats
Unlike wired networks, wireless networks can be accessed by anyone. Even restricted wireless environments can be penetrated from nearby. Wireless networks host a wide variety of mobile and IoT devices that are difficult to secure. They often have vulnerable interfaces, unprotected storage, hardcoded backdoors, unencrypted communications and insecure pairing procedures that hackers can exploit.
This combination of unmonitored access, poor device security and lack of controls leaves enterprises exposed to attacks that lead to data loss, ransomware and denial of service. Here are top five wireless threats not detected by traditional security controls:
- Evil Twin: A malicious access point masquerades as a legitimate network. It copies another network’s SSID to look exactly like an existing network. Users and devices are tricked into connecting to the malicious AP.
- Karma: Attacker sends fake probe responses to devices that sent directed probe requests. For example, if the target is at work and his device probes for its coffee shop network, the attacker replies and the target device automatically connects.
- Rogue Hotspot. Corporate devices connected to an external secure/insecure network pose a risk as these hotspots are not monitored by the organizations’ cyber defenses and the external devices connected to these networks are able to compromise them.
- Suspicious AP: The presence of an access point with a similar SSID to the corporate network can indicate an attempt to fool unsuspecting users into connecting to a malicious access point.
- Insecure IoT Device: Some IoT devices like smart printers and smart TVs are physically connected to the corporate network (via a cable) but also host a wireless network, thus acting as a bridge between the two networks. These devices can be used to exfiltrate sensitive data from devices by activating sensors (camera, microphone, screen recording, keyboard sniffing, etc.).
The problem with traditional network access controls (NAC) is they only see what is connected to the network. Wireless attackers operate in the airspace but do not need to connect to the network to do damage. Harmony IoT from Orchestra Group monitors, detects and protects your network from these top threats and more. Our lightweight, cloud managed solution delivers end to end security that is non-invasive and non-disruptive.
Harmony IoT delivers complete, end to end security for your wireless airspace. Learn more at www.orchestragroup.com/#hiot