The 6 Known Wi-Fi Threat Categories Targeting Your Business

Blog Banner.jpeg

While the list of potential Wi-Fi threats could go on forever, there are 6 known Wi-Fi threat categories that you need to protect your business against.

In the next section, we’ll cover each of these categories, what they look like, how they work and a real-life example that could be taking place in your business right now.


  1. Evil Twin Access Point

What

evil+twin+access+point+watchguard+telanet

An evil twin Access Point (AP) will mimic a legitimate AP, spoofing its SSID and unique MAC address. Attackers can then intercept traffic and insert themselves into the data conversation between the victim and the servers that the victim accesses while connected to the evil twin access point.

How

Once the victim is connected, the attacker can steal credentials, inject malicious code into the victim browsers, redirect the victim to a malware site, and so much more.

Example

On your lunch break you decide its finally time to do some online shopping to update your wardrobe – nothing wrong with that!

But a hacker is using an evil twin access point and you’ve now unsuspectedly connected to their copy of your Wi-Fi SSID. Once you go to check out and enter in your credit card information to order those new shoes, the hacker has your information and is ready to go sell it on the dark web.


2. Misconfigured Access Point

What

misconfigured+access+point+watchguard+telanet

In busy networks where new Access Points (AP’s) are being deployed, it can be too easy for network administrators to accidentally make a configuration mistake such as making a private SSID open with no encryption, potentially exposing sensitive information to interception over the air.

How

This can happen any time an access point isn’t set up properly (like leaving default settings unchanged for example).

Example

An AP gets shipped from corporate to your new office and Charles, the receptionist, volunteers to set it up! He follows the instructions and installs the AP that’s now broadcasting an open SSID, which is leaking private data like a sieve. You can’t blame him, because he’s not an IT pro, but you’re still left with a misconfigured AP that could be a serious risk to your organization.

3. Rogue Access Point

What

rogue access point watchguard telanet

A rogue Access Point (AP) is a wireless AP that has been installed on a secure network without explicit authorization from an administrator.

How

Rogue APs are connected to the authorized network, usually with an open SSID, allowing the attackers to bypass your perimeter security. This could be with a physical AP, or one created in software on a computer and bridged to an authorized network.

Example

You own a retail store that has customers coming in and out all day. When it’s busy, it’s impossible to keep an eye on everyone there every second of the day. It’s easy for someone to jump into the wire closet and plug in the cheapest AP they could get and they’re now able to gain access to the company’s private secure network and can hijack POS systems to reveal credit card numbers and more.

4. Rogue Client

What

rogue client watchguard telanet

Any client previously connected to a rogue access point (AP) or other malicious AP within the range of a private network is considered a rogue client.

How

A client typically becomes categorized as rogue if it has connected to any rogue AP, evil twin, or other malicious AP while within range of a private WLAN network. This client could have been victimized by a plethora of man-in-the-middle (MitM) attacks that include loading ransomworms, malware, or backdoors onto the client.

Example

You stop by the same café on the way to work every day. Since you’ve connected to their Wi-Fi network before, your phone automatically connects as soon as you set foot in the door. Unfortunately, that day, someone had set up an evil twin AP, tricked your phone, and infected your phone while you’re in range of your private wireless local area network (WLAN) with ransomware for you to take back to the office. As soon as you’re back at your desk, your phone connects to your corporate Wi-Fi and the ransomware is off and running!

5. Neighbour Access Point

What

neighour access point watchguard telanet

When an authorized client connects to a guest or external, neighbouring Access Point (AP), bypassing the company’s perimeter security and getting around security restrictions set by the firewall.

How

There’s no super-secret hacker trick to this one. Any of your employees could be (and probably are) doing this right now. By choosing to connect their devices to the guest network or the coffee shop network downstairs, your employees are easily bypassing the security you’ve built into your network.

Example

Janice in marketing cannot get through the morning without listening to her favourite new soundtrack. Her phone is almost dead, so she wants to use her company-issued computer to connect to a streaming site. Her company’s firewall restricts access to streaming music, but that’s no worry for Janice – she’ll just connect to the downstairs coffee shop’s unsecure Wi-Fi and start listening away. Unfortunately for you, a hacker is sipping his first cup of coffee, just waiting for her to connect and get to work on accessing your network.

6. Ad-Hoc Network

What

Ad-hoc+network+watchguard+Telanet

A peer-to-peer Wi-Fi connection between clients that lets two or more devices communicate with each other directly, circumventing your network security policies and making the traffic completely invisible.

How

With a few simple clicks in your settings, any one of your employees could quickly set up an ad-hoc network between their colleague’s devices. This can create security and legal implications that could ultimately impact your business.

Example

As a meeting is getting ready to start, Carl’s boss is STILL waiting for that file he promised would be there this morning. It would take him too long to use the corporate-approved secure network file sharing, so he decides to set up an ad-hoc network to send it directly from laptop to laptop. Unfortunately for you, this opens the door to potential legal and security repercussions for your business.


Defending Against Wi-Fi Threats with a Trusted Wireless Environment

As you’ve seen, in a world with growing open Wi-Fi networks,Wi-Fi hackers are able to not only steal information but spread malware to computers on the network that could cost your businesses millions. You need a framework that empowers you to provide high-performing, yet secure Wi-Fi access to your customers and employees.

Trusted Wireless Environment framework focuses on the three core pillars to enable the robust performance you want with the security you need. They are:

  1. Marketing-Leading Security Performance to keep you up-to-date

  2. Scalable Management for your growing team

  3. Verified Comprehensive Security demonstrated through dashboard reports

Call Telanet today, and let’s see where your Wi-Fi Networks are exposed. Our incredible technology partner, Watchguard, offer amazing tech solutions that will keep your business and data safe and protect. Let’s find the right fit for your security.

watchguard logo transparent background
Dan Snow