These possible entry points could provide hackers with access to networks and to any other connected IoT devices. Among the trouble spots, making Wi-Fi hijacking attractive to cybercriminals, is the default configuration of connected devices, default passwords and encryption that is weaker than it should be.
“One of the examples that demonstrate how dangerous poorly secured Wi-Fi is, is to consider a surveillance camera that’s connected to a Wi-Fi network that is hacked and allows the hacker to spy on the footage. Yes, there are a lot of security protocols that have been developed to protect networks, however, there are weaknesses in the protocols themselves which can expose a wireless network to hijacking,” explains Indi Siriniwasa, vice president of Trend Micro Sub-Saharan Africa.
There are several different things that a cyber criminal needs in order to hack into Wi-Fi: the right kind of tools, which are more often than not open source and publicly accessible; a network that has low traffic, making it difficult to pinpoint a breach and a short password on the Wi-Fi network, which is quick and easy to crack. Outdated or old routers or devices that are no longer updated also provide easy pickings.
“Employees may not have adequately secured Wi-Fi at home and then bring an infected device to their place of business and opening up the chance of malware or spyware or any other malicious material to be distributed onto the company network without realising this is happening. This opens up an entire organisation to cyber attack and now with regulations having tightened on privacy, the consequences can be dire,” Siriniwasa continues.
Increasing security, then, is of great importance. Changing the default Wi-Fi network names and passwords is a good place to start, as well as updating the firmware on Wi-Fi enabled devices, routers and other hardware.
Network monitoring and reviewing device logs would highlight suspicious activity. For added security, a two factor authentication tool allows network admin to instantly see if there is unauthorised or questionable access to the network itself.
“Raising awareness about cyber risks within your company will go a long way to help prevent cyber attacks. Teach your staff about securing their wireless network both at work and at home. Make them part of your defence system. We can secure devices, but bringing your staff on board against cyber crime is winning half of the battle,” advises Siriniwasa.