The Deep Vulnerability of Wi-Fi Networks
February 26, 2014
Wireless routers aren't kept up-to-date and networks are growing ever more vulnerable.
The random mix of consumer and corporate communications devices – the phones, tablets and other paraphernalia that folks use and the networks that connect them – is well established. Indeed, it won’t be long before the categories won’t be distinguished from each other at all.
This means trouble. Tripwire showed just how much trouble: The security firm released research from a survey of 1,009 remote workers and 653 IT and security pros in the U.S. and UK. It found that 55 percent of the IT workers and 85 percent of employees use the default IP address on their wireless routers which, in highly technological parlance, is a no-no.
This wasn’t the only issue the study uncovered, according to eSecurity Planet.
The survey also found that 52 percent of IT professionals and 59 percent of employees haven't updated the firmware on their routers to the latest version, and 30 percent of IT professionals and 46 percent of employees haven't changed the default admin password on their routers.
Finally, the research, which was done by the company’s Vulnerability and Exposure Research Team (VERT), found that 80 percent of the top 25 best small office/home office (SOHO) routers have security flaws, according to the story.
Tripwire also found that 80 percent of Amazon.com's top 25 best-selling small office/home office (SOHO) wireless routers have security flaws, the story said.
Of course, it is axiomatic that “civilians” and even IT pros don’t pay as much attention to security as they should. That’s a shame, but a reality. Preston Gralla at IT World offers some advice to those who want to confront the Wi-Fi security issue. The reason that such networks are so dangerous, Gralla writes, is because every device can access any other devices as well as shared files and folders. That’s a goldmine for a cracker.
Gralla says that there is a way to confront the issue:
There is a solution, though: You can isolate guests from everything else on the network, or if your router can't do that, you can isolate the devices from each other. Isolating guests only is called guest access, guest network, guest isolation, or creating guest zone. Isolating all devices from each other is called wireless isolation.
He points to a Linksys router that offers this capability. He doesn’t write that it is the only one. In any case, it is an important option to seek out.
This is not a static problem: Crackers, who are as smart as the people trying to stop them, continue to innovate. TechWorld reports on an experiment at the University of London that demonstrated the possibility that malware could be engineered to spread between access points (APs) and nodes. The experiment focused on attacking APs with “poorly-secured management interfaces” – default passwords – and the ensuing spread to other nodes. This was an academic exercise, but something of which the criminals are no doubt aware.
The opening up of the enterprise to mobile work and telecommuting is great. But such freedom carries significant security risks. Now, more than ever, companies and the people who work for them must pay attention.