I read about a new exploit that makes it easy for attackers to use Heartbleed against wireless networks and the...
devices connecting to them. What is the best way to prevent sensitive data from being taken from vulnerable routers?
Heartbleed is a serious flaw and apparently 97% of Global 2000 companies are still vulnerable. While I don't think it's the most critical flaw to ever hit the Web like some believe, it certainly needs attention. The flaw not only affects corporate wireless networks but also the home networks that most corporate environments extend to. In effect, Cupid -- a spawn of the Heartbleed flaw -- is using wireless networks to expand the attack surface of every corporate environment.
To protect against these attacks, you need to be like one of the 3% of the Global 2000 companies, which requires these three things:
- Knowing your network, specifically the wireless systems you have under your control.
- Understanding how these wireless systems are vulnerable to Heartbleed/Cupid exploits.
- Doing something about it -- which means patching, revoking the affected SSL certificates and changing your private keys. You may need to replace the affected systems altogether.
Beyond this, you're going to be hard-pressed to fix the problem with any other access points your users connect to unless all systems are updated across the board. The truth of the matter is you can't control the wireless networks your users connect to all the time. The best you can do is ensure personal firewall/intrusion prevention system software use, update malware protection, maintain current patches and other security basics.
On a related note, be sure to disable Wi-Fi Protected Setup (WPS) on your consumer-grade access points. A great tool called Reaver Pro can exploit a known flaw in WPS that allows for PIN cracking to obtain your WPA pre-shared key, easy as pie.
Ask the Expert!
Want to ask Kevin Beaver a question about network security? Submit your question now via email! (All questions are anonymous.)
Learn more about Heartbleed's incident response lessons.
Gain further insight into open source security following the Heartbleed flaw.
Dig Deeper on Network device security: Appliances, firewalls and switches
Related Q&A from Kevin Beaver
Android Oreo replaced the allow unknown sources setting with a new feature that enables users to selectively install unknown apps. Kevin Beaver ... Continue Reading
Equifax's Apache Struts vulnerability was an example of a scan not being read correctly. Kevin Beaver explains vulnerability scans and how issues can... Continue Reading
Several vulnerabilities were recently discovered in Android bootloaders via the BootStomp tool. Kevin Beaver explains how they work and what risk ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.