With wireless networks expanding and connectivity becoming part of the customer experience, it has become much easier to connect a device to the Wi-Fi at the local coffee shop or even a fast food joint. Savvy prosumers can reduce 3G/4G usage on personal devices that are also used for work but whose costs are not always fully covered.
As unlimited plans disappear, this is one way to save on usage fees. Unfortunately, the enterprise could eventually incur a greater cost, because these unsecured connections present a security issue.
Potential hackers can connect with the same ease as store customers, and they use the same signal to take advantage of known Wi-Fi vulnerabilities. As an example, an older vulnerability known as “Hole 196” (named after the last line of page 196 of the IEEE 802.11 wireless networking standard) could potentially allow a hacker to snoop on wireless traffic via a man-in-the-middle attack using basic ARP cache-poisoning techniques.
WPS, or “Wi-Fi Protected Setup,” is another example of a great idea that, unfortunately, created security holes. Even though WPS was billed as a secure way to configure wireless devices, its design and implementation flaws allow an attacker to use a brute-force attack to gain access to what was considered a secured wireless network.
Wireless vendors have updated their firmware to resolve some of these vulnerabilities, but this only works if the firmware is actually applied to the wireless access point (AP) inside the store’s four walls. Since most “free” Wi-Fi connections were created to keep you in your seat with little concern for your data, the overall security of the AP is usually overlooked.
Most of the APs used for these free connections were configured out of the box and have probably never had a firmware update since the day they were installed. A firmware update does not fix every security issue, but it does address some of them.
A free Wi-Fi provider that really wanted to address security should consider investing in strong intrusion detection and prevention systems (IDS and IPS, respectively) to help detect potential attacks.
Physical access points are not the only area of concern. With the introduction of Windows 7, Microsoft included a Wi-Fi feature called Wireless Hosted Networks. This function allows an end user to easily set up a virtual AP, broadcast a chosen network name and make it available to nearby Wi-Fi users. Hackers use this functionality to create an ad hoc Wi-Fi connection that an end user could unknowingly connect to, thinking they were actually using their favorite coffee shop’s free Wi-Fi.
A business enabling mobile workers through BYOD can never fully ensure its employees won’t “connect with coffee,” unless it is willing to disable the auto connection of the wireless client. This would force the user to select the connection manually, but it would still take user education to succeed.
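One way to audit for the auto-connect risk described above, as an added example that is not part of the original article: the script reads saved Wi-Fi profiles in the XML layout produced by `netsh wlan export profile`, flags networks that are both unencrypted and set to connect automatically, and prints the `netsh` command that switches each one to manual. The profile names and sample XML are constructed, and treating a missing connectionMode element as auto is an assumption.

```python
import xml.etree.ElementTree as ET

# Namespace used by exported Windows WLAN profiles.
NS = {"w": "http://www.microsoft.com/networking/WLAN/profile/v1"}

def _sample(name, mode, auth, enc):
    """Build a constructed profile in the layout of `netsh wlan export profile`."""
    return (f'<WLANProfile xmlns="{NS["w"]}"><name>{name}</name>'
            f'<SSIDConfig><SSID><name>{name}</name></SSID></SSIDConfig>'
            f'<connectionType>ESS</connectionType><connectionMode>{mode}</connectionMode>'
            f'<MSM><security><authEncryption><authentication>{auth}</authentication>'
            f'<encryption>{enc}</encryption></authEncryption></security></MSM></WLANProfile>')

# Constructed sample data, not taken from any real device.
SAMPLE_PROFILES = [
    _sample("CoffeeShop_Free", "auto", "open", "none"),
    _sample("Corp-WLAN", "auto", "WPA2", "AES"),
    _sample("Airport_Guest", "manual", "open", "none"),
]

def audit_profile(xml_text):
    """Return the name, auto-connect flag and open-network flag for one profile."""
    root = ET.fromstring(xml_text)
    def field(path, default=""):
        node = root.find(path, NS)
        return node.text.strip() if node is not None and node.text else default
    auth = field("w:MSM/w:security/w:authEncryption/w:authentication").lower()
    enc = field("w:MSM/w:security/w:authEncryption/w:encryption").lower()
    return {
        "name": field("w:name"),
        # Assumption: a profile with no connectionMode element is treated as auto.
        "auto": field("w:connectionMode", "auto").lower() == "auto",
        "open": auth == "open" and enc == "none",
    }

def risky_profiles(profiles):
    """Names of saved networks that are both unencrypted and joined automatically."""
    audited = [audit_profile(p) for p in profiles]
    return [a["name"] for a in audited if a["auto"] and a["open"]]

def remediation(name):
    """netsh command that switches one saved profile to manual connection."""
    return f'netsh wlan set profileparameter name="{name}" connectionmode=manual'

if __name__ == "__main__":
    for ssid in risky_profiles(SAMPLE_PROFILES):
        print(remediation(ssid))
```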
Wi-Fi connectivity should be fully outlined in any enterprise’s mobile policy. Employees should understand the ramifications of choosing an unsecured network and be given the right tools to make the safest choice.