Now that the Remote Workforce is more or less a permanent fixture in the American Workplace, many employees not only choose to work from home, but they also work from other places such as restaurants, cafes, virtual offices, and co-working spaces. A common denominator among these places is that Internet access is often gained via Wi-Fi Access Points (WAPs).
Wi-Fi Access Point devices can store varying levels of information about the people who use them, and unfortunately, securing them is one of the last priorities. In this article, we examine some of the information that is stored by WAPs, and how you can take action to protect Wi-Fi Access Points from falling prey to a Cyberattack.
What is Stored in Wi-Fi Access Points?
The following are examples of what is collected and stored by the Wi-Fi points:
1) The Operating System: Just like your smartphone or computer, Wi-Fi Access Points also have their own Operating Systems. This is what makes them run in the same manner as your other devices. They too have their own set of vulnerabilities, such as backdoors. This is where the Cyberattacker can covertly enter and stay in for long periods of time to deploy their malicious payloads in spots where they cannot be easily discovered.
The Fix: Make sure that you download and apply the latest software upgrades, patches, and firmware to your Wi-Fi Access Points. Also, always run a scan to make sure that there are no existing threats residing on them.
2) Passwords: Wi-Fi Access Points also contain the login credentials of the network administrators that deploy and configure them. Unless a long and complex password is used, the statistical odds of a Cyberattacker stealing it are fairly high, and the stolen password will eventually find its way to various forums on the Dark Web.
The Fix: Make use of a Password Manager software application to create long and complex passwords and have the Password Manager reset them automatically at differing timetables. Many of these packages are free or inexpensive.
3) Routing Table Information: In simple terms, a Wi-Fi Access Point does not give you direct access to an Internet connection. Rather, it forwards your network requests (such as trying to visit a particular website) to other nodes along the Internet highway that will eventually guide you to where you want to go. To keep things running efficiently, Wi-Fi Access Points often make use of Routing Tables, which are used to determine the most optimal path for your requests to take. In technical terms, these requests are also known as “Data Packets,” and the information they contain is also stored in the Wi-Fi Access Points. In these instances, it is quite easy for a Cyberattacker to use a simple network sniffer to capture the data packets and use them maliciously against you when you least expect it.
The Fix: Make use of strong levels of encryption to secure the network line of communication from your device to the Wi-Fi Access Point, and vice versa. That way, if any of the data packets are intercepted, they will remain in a totally useless, garbled state until they are decrypted.
4) Point to Point Protocol over Ethernet (PPPoE) Credentials: Point to Point Protocol over Ethernet (or PPPoE) is, in layman’s terms, the login username and password that your Internet Service Provider gives you after they have set up the Wi-Fi Access Points in either your home or business. So if, for example, you were to subscribe to Internet services through Comcast, the technician would provide you with a network name (which is technically known as the “Service Set Identifier” or “SSID”), and a password. This is what is used by Comcast to recognize your device whenever you use their Internet service. This too is stored in the Wi-Fi Access Point, and very often the technician will set them up in such a way that they are easy for you to remember. This setup contains the same set of weaknesses that other types of passwords do, making it very easy for a Cyberattacker to hijack them. It is important to note that the SSID is also broadcast to the public. So, for example, when you find your network name to log into, it also appears with others that are geographically close to your device. This can be a grave security vulnerability.
The Fix: After you receive the initial SSID and password from your Internet Service Provider, immediately reset them, especially the password. When it comes to the SSID, disable its public viewing functionality.
5) Web surfing history: Wi-Fi Access Points are notorious for keeping a log history of all the website requests that come through them. While this is useful for a network administrator in order to sniff out any trends in unusual behavior, if it were to be accessed by a Cyberattacker, it would be quite easy for them to build a profile of their intended targets, as they can associate it with the Data Packets that have been captured.
The Fix: On a regular basis, delete the log history that is stored, but make sure to create backup copies and store them in a secure location (such as the Cloud) before you start the actual deletion process.
6) Media Access Control Addresses (MACs): Every network card that is installed onto a wireless device or computer comes with what is known as a Media Access Control Address, or MAC. This is merely a string of numbers and letters that identifies your device from the rest of the crowd in your network neighborhood. If this is not hidden, a Cyberattacker can easily locate your device, remotely scan it, and deploy any kind of malicious payload they want to, ranging from Trojan Horses to the much deadlier malware that can launch and execute Ransomware attacks against your particular device.
The Fix: Make use of the whitelisting functionality. Not only will this mask the MAC addresses that are allowed to access the Wi-Fi Access Points, it will also keep rogue and malicious devices from gaining access to them.
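As an added example (not part of the original article), the sketch below checks an access point configuration against the encryption, password, SSID, and MAC whitelisting fixes above. It assumes an access point that runs hostapd and keeps its pre-shared key in wpa_passphrase; both sample configurations, the file path in them, and the 16-character minimum are constructed for illustration.

```python
# Added example: check hostapd.conf-style settings against the article's fixes.
WEAK_CONF = """\
# constructed sample, not taken from a real device
ssid=HomeNet
wpa=1
wpa_pairwise=TKIP
wpa_passphrase=homenet123
ignore_broadcast_ssid=0
macaddr_acl=0
"""
HARDENED_CONF = """\
# constructed sample: the same access point after applying the fixes
ssid=HomeNet
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
wpa_passphrase=T7#qLw9v!Xr2-mBz4Gd8
ignore_broadcast_ssid=1
macaddr_acl=1
accept_mac_file=/etc/hostapd/accept.mac
"""

def parse_conf(text):
    """Parse key=value lines, skipping blanks and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def audit(conf, min_len=16):  # min_len is an assumed policy value
    """Return one finding per article fix that the config does not meet."""
    findings = []
    if conf.get("wpa") != "2":  # hostapd bit field: 2 = WPA2/RSN only
        findings.append("encryption: set wpa=2 (WPA2/RSN only)")
    ciphers = (conf.get("wpa_pairwise", "") + " " + conf.get("rsn_pairwise", "")).split()
    if "TKIP" in ciphers:
        findings.append("encryption: remove TKIP, use CCMP")
    if len(conf.get("wpa_passphrase", "")) < min_len:
        findings.append(f"password: passphrase shorter than {min_len} characters")
    if conf.get("ignore_broadcast_ssid", "0") == "0":
        findings.append("ssid: network name is broadcast")
    if conf.get("macaddr_acl", "0") != "1" or "accept_mac_file" not in conf:
        findings.append("mac: no allow list (macaddr_acl=1 with accept_mac_file)")
    return findings

if __name__ == "__main__":
    for name, text in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit(parse_conf(text)) or "no findings")
```

Of these findings, the encryption and passphrase ones carry the most weight: the SSID and client MAC addresses travel in unencrypted 802.11 frame headers, so hiding the SSID and filtering by MAC add little on their own.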
Conclusion
It should be noted that if an employee is using a company-owned Wi-Fi Access Point, then it is up to the employer to upgrade and protect it. However, if the employee owns the WAP, then it is his or her responsibility to upgrade it.
The fixing steps outlined in this article are quick and should be easy to implement. By taking these steps now, you will greatly mitigate the risk of becoming the next victim of a Cyberattack.
Ravi Das is a Cybersecurity Consultant and Business Development Specialist. He also does Cybersecurity Consulting through his private practice, RaviDas Tech, Inc. He also possesses the Certified in Cybersecurity (CC) cert from the ISC2.
Visit his website at mltechnologies.io