IT managers are really starting to worry about hackers using fake hotspots known as "evil twins" to prey on their...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
mobile workers, if Spencer Parker's clients are any indication.
"I'm hearing from a number of enterprise customers that these kinds of threats are picking up," said Parker, product line manager of mobile products for Alpharetta, Ga.-based wireless security firm AirDefense. "They're really scared about this because of their growing mobile workforces. The ability to simulate a hot spot allows an attacker to intercept all the traffic he wants, including online banking and things like that. None one of your information is safe, and it's very simple for an attacker to do this."
Evil twin attacks are similar to phishing scams. While phishing attacks come as legitimate-looking messages from banks and other organizations that trick users into clicking a malicious link, evil twins pose as legitimate hotspots. Users latch onto these unauthorized access points -- which overpower real hotspots -- and leave themselves open to an online mugging, Parker said.
"There's a common misconception that if your IT department puts a personal firewall and AV on laptops and makes people use a VPN, you're protected," Parker said. "Those are great protections, but there's one big problem: Firewalls today aren't designed to look at wireless headers of the packets they inspect. So these types of man-in-the middle attacks go undetected. It's invisible to the firewall."
While wireless products and security measures are continually becoming more advanced, so is the technology hackers use to compromise that security, he said, adding, "The spread of these attacks is directly linked to the lack of education and information about wireless LAN security and threats."
While he recommends IT administrators consider security devices like those his company produces, Parker said they should also, if possible, use tools that incorporate the 802.1x authentication protocol. "A hacker can't get past that strong an authentication," he said of 802.1x.