Monday, April 20, 2015
Wireless is like leaving the window open
Have you ever left your house, locked it up and drove way not really thinking about it. You return home later and notice air moving. Where is it coming from? You left a window open!! (Gasp). If you think about how a bad guy would enter your home when you are away he probably isn't coming through the front door. My guess is he would see the open window and not take long to get in.
My last blog I talked about perimeter security using a router. If you leave a window open (wireless that is not separated by from you network) it is a pretty easy entry into the network. Again, the hardest part is getting inside the first layer usually. Many small businesses do not even give it a second thought. A few customers ask for if they have wireless, they think why not and throw up an access point (that's that thing with the funny looking antennas on it but sometimes they don't have them) so people can cruise the internet.
LAST BLOG:PERIMETER SECURITY
So whats wrong with that you as? Say I am a bad guy. I drive to the back of your building at about 2 am. Earlier that day I was just driving around to see if I could find anyplace that has an unsecured access point I can jump on to. BINGO!! Your it! Most of the better routers (see how I came back to that router again?) will have the ability to plug multiple pieces of equipment in and then program it so you can separate things like access points from your regular network. People can still cruise the net but it makes it difficult for them to get into your network (not impossible). There are other ways to do this but with the right programming and hardware it can help allot. One other thing that I do with my clients is the Access Points they buy have a schedule in them so I shut them down about an hour after everyone leaves. That prevents Johnny or Jane hacker from jumping on at 2AM.
I still have not explained why you should do this, have I? Johny or Jane hacker can leverage that access point in a number of ways. They can plant some viruses, mess with your systems and here is one that most don't think of (I actually had this happen to a client) commit a crime while using your lines so they trace it back to you. How fun would that be to have the FBI at your door questioning you about some fraud that came from your network? Exactly!!
Now I have one more that hardly any business thinks of. Most printers and copiers these days come with a wonderful wireless feature on them. One that is typically turned on by default and left on. So that isn't so bad. Right? Couple it with most vendors NOT CHANGING DEFAULT PASSWORDS and you have another wide open window.
To stay consistent lets just say there is a bank. It has a copier and wireless was left on. Blasting out to the world "Here I am..Come see me!" Jane Hacker knew this because she was using a wireless analyzer to drive around and again, find open systems or at least ones broadcasting. This time she mixes in with the rest of the cars in the parking lot. She is able to EASILY access that printer through wireless. She now can see the internal hardrive (yep, they have internal hardrives) with stored documents complete with account numbers, names, addresses and social security numbers. (And yes, this happened but it was years back). Jackpot and now she can go sell that info on the black market at a premium of $15 a pop. Just for fun before she leaves she reprograms the LCD display and locks everyone out of it.
I could go on an on about real life things that have happened like this. I could also go into BYOD (Bring Your Own Disaster ... I mean Device) that leverages wireless and other ways it can open a door to your network but I want you to actually continue to read my blogs. I can also get much deeper into the mechanics of how this works but for now lets just say its making you aware.
My lesson for today is, just like looking at a building think of the most unusual way you can get in and not just the obvious. If someone gets inside then the whole router thing I talked about is irrelevant, though I will be talking about those inside layers. AH HA! Its like locking all the doors but letting someone in the back door to look around. Still will catch up with you. Remember. The bad guys really don't want to be seen just like a thief so they may not come at you in broad daylight. Think like a thief!
In the next blog I will touch on some of the more unusual "windows" (Not Microsoft. Figure of speach here folks) that are open out there but have actually been the cause of some of the most publicized and large breaches in the last year. Till then!