The Rise of the 24/7 Security Scanning Access Point

  • Security Boulevard
  • published date: 2022-01-21 09:38:00 UTC


<div id="contentsContainer" class="style-scope qowt-page"><div id="contents" class="style-scope qowt-page"><p id="E367" class="x-scope qowt-word-para-0"><span id="E368">An astonishing</span><span id="E369"> 90%</span><span id="E371"> of </span><span id="E373">enterprise data <a href="" target="_blank" rel="noopener">breaches</a></span><span id="E374"> are caused by <a href=",from%20%243.86%20million%20in%202020." target="_blank" rel="noopener">phishing attacks</a>, </span><span id="E375">costing </span><span id="E376">businesses </span><span id="E377">billions </span><span id="E378">every year</span><span id="E379"> in lost revenue and downtime</span><span id="E381">. Rogue devices are often the gateway to such attacks. </span><span id="E382">The industries most vulnerable to hacking include finance, medicine, education, warehousing, airports and rail stations, government and distributed enterprise networks</span><span id="E383">.</span><span id="E384"> These verticals operate at </span><span id="E385">pervasive</span><span id="E386"> levels and handle </span><span id="E387">highly</span><span id="E388"> sensitive data</span><span id="E389"> that could devastate businesses and customers in the wrong hands</span><span id="E390">.</span></p><p id="E391" class="x-scope qowt-word-para-0"><span id="E392">To make matters worse, the proliferation of IoT and edge devices has created even more </span><span id="E393">wireless </span><span id="E394">attack surfaces than ever, putting even more companies at risk.</span></p><h3 id="E395" class="x-scope qowt-word-para-0"><span id="E396">Enter the 24/7 Security Access Point</span></h3><p id="E397" class="x-scope qowt-word-para-0"><span id="E398">Security access points come with extra dedicated scanning radios designed </span><span id="E399">solely</span><span id="E400"> to scan for threats around the clock. 
Security APs create a </span><span id="E401">persistent</span><span id="E402"> </span><span id="E403">line of defense</span><span id="E404"> between enterprise networks and the criminals who want to hack them.</span></p><h3 id="E405" class="x-scope qowt-word-para-0"><span id="E406">Why is this Important?</span></h3><p id="E407" class="x-scope qowt-word-para-0"><span id="E408">One of the most serious problems with </span><span id="E409">a number of </span><span id="E410">standard Wi-Fi access points is they only scan business networks for security threats during non-peak times. Their internal dual-band radios are tasked primarily with providing a Wi-Fi connection, leaving security scanning to be done when there is less traffic overloading the network.</span><span id="E411"> </span></p><p id="E412" class="x-scope qowt-word-para-0"><span id="E414">Frankly, that’s not good enough.</span></p><p id="E415" class="x-scope qowt-word-para-0"><span id="E416">S</span><span id="E417">ecurity APs are different. </span><span id="E418">Because they scan constantly, t</span><span id="E419">hey will detect rogue device</span><span id="E420">s</span><span id="E421"> or malicious activity</span><span id="E422"> immediately</span><span id="E424">, sending an alert to IT administrators who can act to isolate </span><span id="E425">and disconnect </span><span id="E426">the device </span><span id="E427">or stop the malicious attack in its tracks</span><span id="E428">.</span><span id="E429"> </span><span id="E430">S</span><span id="E431">ecurity access points </span><span id="E433">are built</span><span id="E434"> </span><span id="E435">to address dangerous and costly cyberattacks.</span></p><p id="E437" class="x-scope qowt-word-para-0"><span id="E438">So, what do these <a href="" target="_blank" rel="noopener">cyberattacks</a> really look</span><span id="E439"> like</span><span id="E440">? 
</span><span id="E441">And h</span><span id="E442">ow vulnerable are </span><span id="E443">you</span><span id="E444">?</span></p><h3 id="E445" class="qowt-stl-Heading1 x-scope qowt-word-para-0"><span id="E446">Types of Cyberattacks</span></h3><ul><li id="E447" class="x-scope qowt-word-para-0"><strong><span id="E448">Evil twin:</span></strong><span id="E449"> Rogue access points can impersonate a legitimate network, simulating the same SSID and MAC address</span><span id="E450">. </span><span id="E451">Employees and visitors can be tricked into connecting to the rogue AP instead of the legitimate network, exposing their personal information and activity to the attacker.</span><span id="E452"> Security APs can identify the threat immediately and neutralize it before any harm is done.</span></li><li id="E453" class="x-scope qowt-word-para-0"><strong><span id="E454">Man-in-the-middle:</span></strong><span id="E455"> When the SSID security type is </span><span id="E456">“</span><span id="E457">Open</span><span id="E458">”</span><span id="E459"> or </span><span id="E460">“</span><span id="E461">WPA-Personal,</span><span id="E462">”</span><span id="E463"> the attacker </span><span id="E464">is able to </span><span id="E465">secretly relay and </span><span id="E466">alter</span><span id="E467"> the communication between </span><span id="E468">an access point</span><span id="E469"> and a wireless client, both of which believe they are communicating directly with each other. 
The attacker makes independent connections with </span><span id="E470">both </span>victims and relays messages between them to make them believe <span id="E473">their conversation is private</span><span id="E474">, when in fact the entire conversation is controlled by the attacker.</span></li><li class="x-scope qowt-word-para-0"><strong><span id="E476">Invalid SSID misuse</span></strong><span id="E477"><strong>:</strong> M</span><span id="E478">isconfigured access points</span><span id="E479"> s</span><span id="E480">imulate </span><span id="E481">a </span><span id="E482">company SSID from </span><span id="E483">an </span><span id="E484">unauthorized </span><span id="E485">access point</span><span id="E486"> </span><span id="E487">connected to your private network with a configuration that does not conform to your security policies</span><span id="E488">,</span><span id="E489"> </span><span id="E490">thus allowing</span><span id="E491"> insecure connections. This can happen anytime an AP isn’t set up properly</span><span id="E492">,</span><span id="E493"> </span><span id="E494">for example, </span><span id="E495">leaving default settings unchanged.</span></li><li class="x-scope qowt-word-para-0"><strong>RF jammer:</strong><span id="E498"> </span><span id="E499">An</span><span id="E500"> RF jammer device will specify an SSID/</span><span id="E501">c</span><span id="E502">hannel to send packets or RF signal</span><span id="E503">s</span><span id="E504"> </span><span id="E505">constantly</span><span id="E506">, </span><span id="E507">forcing</span><span id="E508"> other clients </span><span id="E509">to</span><span id="E510"> be dropped by </span><span id="E511">the overloaded </span><span id="E512">channel.</span></li><li class="x-scope qowt-word-para-0"><strong>De-authentication frame:</strong><span id="E515"> IEEE 802.11 Wi-Fi protocol </span><span id="E516">allows</span><span id="E517"> a de-auth frame </span><span id="E518">to tell</span><span id="E519"> a client 
they have been disconnected from </span><span id="E520">a</span><span id="E521"> network. The</span><span id="E522"> problem is that the</span><span id="E523"> protocol does not require any encryption for this frame. Thus, an attacker can send a de-auth frame at any time to the </span><span id="E524">access point</span><span id="E525"> with a client’s </span><span id="E526">MAC address.</span></li></ul></div></div><div id="contentsContainer" class="style-scope qowt-page"><div id="contents" class="style-scope qowt-page"><h3 id="E527" class="qowt-stl-Heading1 x-scope qowt-word-para-0"><span id="E528">Features to Look f</span><span id="E530">or</span><span id="E532"> in a Security AP </span></h3><p id="E533" class="x-scope qowt-word-para-0"><span id="E534">Security</span><span id="E535"> access points </span><span id="E536">come with </span><span id="E537">a number of </span><span id="E538">key features designed to stop </span><span id="E539">cyber</span><span id="E540">attacks as well as</span><span id="E541"> </span><span id="E542">bonus</span><span id="E543"> features to enhance the visibility </span><span id="E544">and performance </span><span id="E545">of your network:</span></p><ul><li id="E546" class="qowt-li-1_0 qowt-list qowt-stl-ListParagraph x-scope qowt-word-para-0"><span id="E547">Wireless intrusion detection system (WIDS) for threat detection</span></li><li id="E548" class="qowt-li-1_0 qowt-list qowt-stl-ListParagraph x-scope qowt-word-para-0"><span id="E549">Wireless intrusion protection system (WIPS) for attack remediation</span></li><li id="E550" class="qowt-li-1_0 qowt-list qowt-stl-ListParagraph x-scope qowt-word-para-0"><span id="E551">Dedicated scanning radios for 24/7 wireless security monitoring</span></li><li id="E552" class="qowt-li-1_0 qowt-list qowt-stl-ListParagraph x-scope qowt-word-para-0"><span id="E553">RF spectrum analysis for identifying clean channels and ensuring all SSIDs are legitimate</span></li><li id="E554" class="qowt-li-1_0 
qowt-list qowt-stl-ListParagraph x-scope qowt-word-para-0"><span id="E555">Wi-Fi 6 technology for high-performance Wi-Fi in high-density, multi-device environments</span></li><li id="E556" class="qowt-li-1_0 qowt-list qowt-stl-ListParagraph x-scope qowt-word-para-0"><span id="E557">Zero-wait DFS to avoid client disruption when radar is detected on DFS channels</span></li><li id="E558" class="qowt-li-1_0 qowt-list qowt-stl-ListParagraph x-scope qowt-word-para-0"><span id="E560">Bluetooth 5 low energy for BLE device detection and location-based extended advertising</span></li></ul><p id="E562" class="x-scope qowt-word-para-0"><span id="E563">Now is the chance for businesses of all sizes to get in on the ground floor of this revolutionary technology. </span><span id="E564">As potential security risks grow in proportion to the expanding Wi-Fi grid, several manufacturers are taking the lead in making sure enterprise networks are protected at all times.</span></p></div></div>
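<p>An added example, not code from the original article or from any vendor: the checks a WIDS applies for the evil-twin, invalid-SSID and de-authentication items listed under Types of Cyberattacks, run over constructed scanning-radio observations. The AP inventory, the thresholds and the static channel plan are assumptions.</p>

```python
from collections import defaultdict, deque

# Assumed inventory of sanctioned APs: BSSID -> (SSID, channel, security).
INVENTORY = {
    "02:00:00:aa:00:01": ("CorpNet", 36, "WPA2-Enterprise"),
    "02:00:00:aa:00:02": ("CorpNet", 149, "WPA2-Enterprise"),
}
MANAGED_SSIDS = {ssid for ssid, _, _ in INVENTORY.values()}
DEAUTH_WINDOW_S = 5.0   # assumed sliding window, seconds
DEAUTH_THRESHOLD = 10   # assumed de-auth frames per target inside the window

def check_beacon(ssid, bssid, channel, security):
    """Classify one observed beacon against the inventory; None means clean."""
    if ssid not in MANAGED_SSIDS:
        return None                   # a neighbour's network, out of scope
    known = INVENTORY.get(bssid)
    if known is None:
        return "rogue-ssid"           # our SSID from an unsanctioned BSSID
    _, want_channel, want_security = known
    if security != want_security:
        return "policy-mismatch"      # sanctioned BSSID, non-conforming security
    if channel != want_channel:
        return "cloned-bssid"         # same SSID and MAC off the planned channel
    return None

def deauth_floods(frames):
    """Targets hit by at least DEAUTH_THRESHOLD de-auth frames within the window."""
    recent, flagged = defaultdict(deque), []
    for ts, target in sorted(frames):
        q = recent[target]
        q.append(ts)
        while ts - q[0] > DEAUTH_WINDOW_S:   # drop frames older than the window
            q.popleft()
        if len(q) >= DEAUTH_THRESHOLD and target not in flagged:
            flagged.append(target)
    return flagged

# Constructed sample observations (not captured traffic).
BEACONS = [
    ("CorpNet", "02:00:00:aa:00:01", 36, "WPA2-Enterprise"),
    ("CorpNet", "02:00:00:bb:00:09", 6, "Open"),
    ("CorpNet", "02:00:00:aa:00:02", 11, "WPA2-Enterprise"),
    ("CorpNet", "02:00:00:aa:00:01", 36, "WPA-Personal"),
    ("CoffeeShop", "02:00:00:cc:00:03", 1, "Open"),
]
DEAUTHS = [(i * 0.2, "02:00:00:dd:00:10") for i in range(12)]
DEAUTHS += [(1.0, "02:00:00:dd:00:11"), (30.0, "02:00:00:dd:00:11")]

if __name__ == "__main__":
    print([check_beacon(*b) for b in BEACONS], deauth_floods(DEAUTHS))
```

Where 802.11w Protected Management Frames are enabled (mandatory in WPA3), clients discard forged de-auth frames, which complements this detection.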