The security of external assets is much better nowadays than it was a couple of years ago. Vendors really care about fixing all vulnerabilities and it is pretty easy for IT teams to apply patches for a couple of edge devices like routers and firewalls.

From our experience however, we’ve noticed that the internal security is in poor shape for many large companies. I think this mostly happens due to two factors. Firstly, it’s difficult to manage hundreds of internal devices and keep them up to date. Secondly, there’s the conviction that if the external “firewall” is super tough then there is no need to have hardened inner security.

But there are more ways to get inside than directly through external devices and this is where wireless attacks come in.

Your WiFi device makes you vulnerable to many kind of attacks.

Both the Wireless Access Points and Wireless client devices like smartphones, laptops, tablets or IoT devices can be attacked by hackers and with default settings they may put your company at great risk. Actually, wirelessness may be the weakest link of your network security.

There are multiple WiFi attack techniques. Those can be aimed at Access Points like WPS based attacks, or vulnerable/unpatched firmware. Beside Access Points hackers may also aim to attack client devices and gain access to internal network through them. There are captured WPA handshake cracking techniques or evil twin attacks.

You may never know whose network you’re using right now

You may think that your company WiFi is secured because you use strong passwords and enterprise solutions for wireless networking or you’re monitoring the office location to prevent suspicious activities. High range antennas make the attack possible from long distance and hackers may be placed out of the visible perimeter. In our previous episode we also proved that it’s possible to put a small device inside the office without any problems.

If the company employees use BYOD (Bring Your Own Device) they may also be a victim of attacks in totally different places than the secured office. Hotels, airports, coffee shops, are most likely the places where the attack can begin. And without issues, hackers may trick the victim to connect to known networks in places where they least expect it (like having a Airport Free Wifi network which you always use in your travels).

How to secure the WiFi network

Use strong passwords and monitor wireless network for suspicious activity. There are also Wireless Penetration Tests dedicated for those kind of security concerns which may give you full visibility on any vulnerabilities.

In this video, we will show you the basics of WiFi attacks, but stay tuned as we’re going to show you how those can be used in real life scenarios.

As promised in the video here is the link to the list of Access Points vulnerable to PixieDust attacks: