Every device that is connected to the Internet is a potential access point for hackers, risking data and personal information. There are some inherent vulnerabilities in Wi-Fi security protocols and hardware components, which can make the lives of hackers that much easier.
These possible entry points could provide hackers with access to networks and to any other connected IoT devices. Among the trouble spots, making Wi-Fi hijacking attractive to cybercriminals, is the default configuration of connected devices, default passwords and encryption that is weaker than it should be.
“One of the examples that demonstrate how dangerous poorly secured Wi-Fi is, is to consider a surveillance camera that’s connected to a Wi-Fi network that is hacked and allows the hacker to spy on the footage,” said Indi Siriniwasa, Vice President of Trend Micro Sub-Saharan Africa.
“Yes, there are a lot of security protocols that have been developed to protect networks, however, there are weaknesses in the protocols themselves which can expose a wireless network to hijacking.”
There are several different things that a cybercriminal needs to hack into Wi-Fi; the right kind of tools which are often open source and publicly accessible; a network that has low traffic, making it difficult to pinpoint a breach and a short password on the Wi-Fi network, which is quick and easy to crack. Outdated or old routers or devices that are no longer updated also provide easy pickings.
“Employees may not have adequately secured Wi-Fi at home and then bring an infected device to their place of business and opening up the chance of malware or spyware or any other malicious material to be distributed onto the company network without realising this is happening,” added Siriniwasa.
“This opens up an entire organisation to cyberattack and now with regulations having tightened on privacy, the consequences can be dire.”
Increasing security therefore is of great importance. Changing the default Wi-Fi network names and passwords is a good place to start, as well as updating the firmware on Wi-Fi enabled devices, routers and other hardware.
Network monitoring and reviewing device logs would highlight suspicious activity. For added security, a two-factor authentication tool allows network admin to instantly see if there is unauthorised or questionable access to the network itself.
“Raising awareness about cyber risks within your company will go a long way to help prevent cyberattacks,” said Siriniwasa.
“Teach your staff about securing their wireless network both at work and at home. Make them part of your defence system. We can secure devices, but bringing your staff on board against cybercrime is winning half of the battle.”