Wireless connectivity, often known as Wi-Fi, is the technology that allows devices such as personal computers, laptops, mobile phones and tablets to connect to resources on a given network. This could be a home network and the resource being the internet and social media, or it could be a corporate network giving access to all your files and systems to get your work done. This is all achieved wirelessly without any physical cables tethering you to a specific location.
Wi-Fi (pronounced “Why-Fy”) is a term that was coined in 1999 by the “Wireless Ethernet Compatibility Alliance” (WECA), subsequently referring to itself as the “WiFi Alliance” as a name which would be easily recalled due to its similarity to the then well-known term “hi-fi”.
The technology uses radio signals to transmit information between your Wi-Fi enabled devices and your target network, allowing the devices to receive and send information in the same way that a radio or mobile phone receives sound.
The modern world is full of wireless networks, from our banks to coffee shops, we can find wireless access points.
Deploying wireless solutions can bring great benefits;
- Convenience
Access your networks resources from any location within your wireless network’s range, no cables tethering you down.
- Flexibility
You are no longer tethered to a desk! You can be anywhere in your business and always have access to your resources.
- Deployment
The ability to share a network effortlessly, quickly and simply is a great benefit of this technology.
- Productivity
Wireless access to the Internet, email, critical applications and resources allows for simpler collaboration between staff which in turn helps get the job done more efficiently.
- Cost
It can be far cheaper to deploy a wireless infrastructure model across your business than the traditional cabled network. Deploying a full corporate network, cabling to all desks, printers and every other device in its specific location. This could potentially be months of expensive contractors laying cabling.
These networks also bring with them potential risks; your physical perimeter is potentially no longer the boundary to your network. Attackers could gain access to your networks, your data, without having to compromise any physical controls or boundaries.
These technologies, like any other technology, are susceptible to security weaknesses such as weak controls, deprecated protocols, configuration issues, design concerns and segregation issues.
A wireless assessment can help identify these weaknesses, highlight the risks and most importantly, help to remediate them.
Using a combination of automated and manual testing, our consultants will conduct a thorough assessment of your infrastructure, identifying vulnerabilities that may be exploitable by both authenticated and unauthenticated users across your network.
The use of automated tools and in-depth knowledge of manual testing allows us to accurately and effectively assess your infrastructure, maximising the time available.
Assessments are conducted in line with the current standards and methodologies utilised in the industry, such as those outlined in the Penetration Testing Execution Standard (PTES). Using PTES as guidance, Laneden defines our approach in six phases:
- Pre-engagement
- Intelligence Gathering
- Vulnerability Analysis
- Exploitation
- Post Exploitation
- Reporting
Our consultants engage with the client to discuss the scope and make certain all is in order prior to the assessment beginning
Communications at the beginning and end of each assessment day, confirming either the assessment is starting or ending for the day.
On-going communications from the engaged engineer, highlighting any major issues as they come across them.
A comprehensive report is provided containing an executive summary which gets right to the point of the associated risks and is consumable by anyone in the organisation regardless of their technical background.
Clear and concise information describing each issue to hand.
Technical references will be provided when relevant, allowing you to gather more information on the vulnerability if required.
Each vulnerability will be put into context and given a risk-based score. Utilising CVSS 3 scoring and relevant context you can get a real picture for each associated risk.
Simple remediation advice, advising what is required to remediate the relevant vulnerability.
FREQUENTLY ASKED QUESTIONS
Context is king if you are authenticating devices to your network using a PSK, and that PSK is a large complex string of random characters which is cycled often. Then yes, it is very likely that your key is pretty secure.
If your PSK is derived from a common word and it never changes, then not so much. If you are using an off-host authentication mechanism such as RADIUS, then it is unlikely that your key could be captured during the 4-way handshake process for offline attacks. However, that doesn’t mean you can’t directly attack the key via brute force login mechanisms.
WEP is inherently flawed, and it is common for WEP networks to be breached in mear minutes. So yes, it is pretty terrible and should never be used.
WPA3 made an appearance in 2018 when the Wi-Fi Alliance announced its release. This new protocol boasting security fixes that plagued its’ predecessor WPA2, with its four-way handshake shortcomings and the use of a PSK (Pre-share key).
Although WPA3 has improved with regards to security, its uptake has been quite slow due to WPA2-Enterprise which utilises 802.1X authentication avoids the use of a PSK and offers most it seems, enough security to fulfil their requirements.
We would suggest if security is a priority for you, deploy WPA3-Enterprise.