11 common wireless security risks you don't have to take

Common wireless security risks

No amount of inherent Wi-Fi security offsets poor wireless implementation and oversight. A smart approach to wireless and mobile security keeps business assets under control while affording users the computing freedom they're looking for.

Some IT and security professionals eschew Wi-Fi altogether in favor of Ethernet's faster speeds, more reliable performance and better security. However, avoiding the technology instead of using compensating controls isn't always best. Not every device can easily connect to Ethernet. Mobile devices, such as cellphones, need special adapters that aren't always provided. As such, it's important that network teams address wireless flaws to have a secure network.

Common wireless security issues include the following:

1. Outside wireless access points and routers. Some organizations use wireless APs and routers that fall outside the organization's patch management standards. Connected users and outside attackers introduce and exploit vulnerabilities such as the KRACK attack. Random wireless hotspots at home and while traveling can also leave mobile devices vulnerable to attack.
2. Minimal monitoring. If teams don't monitor the network for attacks and other malicious use, they might fail to prevent bigger wireless security risks. Malware infections and data exfiltration can cause serious harm to networks and enterprises. Constant monitoring helps teams uncover attacks before they start. Beyond security, wireless monitoring helps teams see useful metrics such as wireless speeds, quality and performance.
3. Limited visibility of the network's signal spectrum. Wireless networks operate on three bands: 2.4 GHz, 5 GHz and 6 GHz. Without visibility into these signals, teams lack control and can unnecessarily expose their networks to unauthorized wireless signals. Understanding which devices operate on the organization's wireless network spectrum can alert IT and security personnel to new wireless devices, such as hosts and APs, in the vicinity. Tools such as Wi-Fi spectrum analyzers help gain visibility into the wireless signal spectrum.
4. Outdated wireless security protocols. Ensuring networks have up-to-date security protocols is crucial, especially with wireless. Outdated wireless security protocols such as WPA and WEP are easy to exploit. Most modern devices are now equipped with WPA2 and WPA3 security protocols.
5. Wi-Fi Protected Setup without intruder lockout. WPS is a feature on Wi-Fi that enables devices to connect without a password for a short time. This can either be done by pushing a button or entering an 8-digit PIN. However, bad actors can take advantage of this feature. Without intruder lockout, an attacker can crack the WPS PIN and capture the WPA encryption key.
6. Network access control that doesn't include Wi-Fi. Without including Wi-Fi in its scope, network access control only provides a false sense of security. Unauthenticated and improperly secured devices can access internal parts of the network, creating security risks.
7. No web content filtering. Organizations have different networks depending on the user. The production network enables employees to connect to their necessary resources, while guest Wi-Fi is for those outside of the organization seeking internet access. Both should have web content filtering, especially on guest networks. Otherwise, it can create issues with HR-mandated acceptable-use policies and increase the risk of malware infections.
8. Lack of network segmentation. Guest Wi-Fi should remain segmented from the rest of the network to keep proprietary data secure. In improperly segmented wired and wireless networks, guest wireless can gain access to internal production network subnets.
9. Weak encryption ciphers and protocols. Critical business systems such as external-facing servers and web applications indirectly pose wireless security risks if their ciphers and protocols are weak or outdated. Those prone to cracking include Rivest Cipher 4 and Triple Data Encryption Standard, Transport Layer Security 1.0, and Secure Sockets Layer 2.0.
10. Wireless networks don't comply with existing security policies. When wireless networks deviate from existing security policies and response plans, they leave indefensible gaps in the event of an incident or breach. Consistent security audits and re-evaluations can help tighten those gaps.
11. WPA2. While it's the most common security protocol currently running on wireless networks, WPA2 is also vulnerable to dictionary crack attacks. Changing over to WPA3-enabled devices minimizes that risk. However, as that might not be immediately possible, using long and complex passphrases or keys minimizes this risk.

Some vulnerabilities are more critical than others, depending on the context. Regardless, fixing known wireless security risks is crucial, no matter the context. Most of the prior vulnerabilities don't require a cost increase to network budgets to fix, either.

WPA3 prevents wireless security weaknesses

The newest wireless security standard -- WPA3 -- mitigates current Wi-Fi weaknesses through the following features:

• A key exchange protocol that effectively eliminates dictionary attacks.
• Perfect forward secrecy to prevent hackers from cracking previously captured traffic.
• Wi-Fi Certified Easy Connect to simplify and secure the wireless connectivity process. This replaces Wi-Fi Protected Setup and enables IoT device connectivity.
• Opportunistic wireless encryption that protects unauthenticated or open service set identifier connections.

Even if organizations implement WPA3, they can still be exposed to someone mimicking a legitimate AP -- the evil twin vulnerability. This attack has been around since Wi-Fi's inception. Not only can an evil twin attack exploit network systems and information, but organizations will likely never know about it when it happens. Mitigate this vulnerability using a wireless intrusion prevention system.

User training

User training, while not guaranteed to reduce wireless security risks, can go a long way. Talk to users about attacks that can and have happened when connecting to vulnerable or exploitive wireless environments. Encourage VPN connections, and advise them to only connect to trusted wireless networks. Tell them never to disable their endpoint security controls, especially their firewalls and antimalware software.

User training shouldn't be one-and-done. Continuous training is crucial for wireless security. Training should cover not only the basics, but updated information as well. This includes not only emerging threats, but technologies as well. As more networks integrate 5G and AI capabilities, users should know how they affect the network. Review security policies quarterly, and ensure users are trained at least two or three times a year.

Kevin Beaver is an independent information security consultant, writer and professional speaker with Atlanta-based Principle Logic, LLC. With more than 30 years of experience in the industry, Beaver specializes in performing vulnerability and penetration tests, as well as virtual CISO consulting work.