Wireless woes

More than two-thirds of security professionals lack confidence that they can prevent a wireless attack.

  • 4 years ago Posted in
Outpost24 has released the second installment of results from the 2020 Internet of Evil Things report, which questioned more than 200 security professionals about the wireless security threats they feared the most and revealed 67% had no confidence that they could prevent a wireless attack. 

 

This is particularly disturbing when considering the growing number of shadow IoT (Internet of Things) and wireless devices entering the workplace. With BYOD already a growing problem for enterprises, the number of IoT devices is expected to rise to 20.4 billion worldwide, which will notably increase an organisation’s overall attack surface. Therefore, it is no surprise that 71% of security professionals believe that they should be ramping up efforts to monitor and protect against rogue devices and access points.

 

The security experts surveyed also ranked the types of wireless attacks according the magnitude of threat they believe rogue access points were to their organisation. The highest-ranking threat was password theft at 62%, followed closely by Botnet / Malware at 60% and Man in the Middle attacks at 55.5%. However, these threats barely scratch the surface of wireless attack vectors, as other potential threats facing enterprises include denial of service attacks, eavesdropping, evil twins, Wi-Fi spoofing, and Bluetooth attacks, to name but a few. These results highlight the key fears facing security professionals who are self-admittedly concerned about modern wireless attacks.

 

Furthermore, most organisations admitted to either lacking visibility of wireless devices on their network or failing to enforce network access policy, as more than half (57%) of device purchases are not cleared by security teams prior to accessing corporate networks. Similarly, 53% of organisations do not know how many devices are connected to their network, while less than a third (30%) of businesses ensure that Bluetooth pairing or wireless connection requires security authentication before gaining access to networks.

 

“Despite widespread knowledge about the vulnerabilities Wi-Fi and Bluetooth can introduce, it appears a ‘head in the sand’ approach continues to reign amongst security professionals due to the lack of visibility and control. On balance, we know security teams are short of time and talent. That may lead to a majority of organisations bypassing the necessary steps to proactively secure and monitor their wireless airspace like they would and should for their wired networks” comments Bob Egner, Head of Product at Outpost24.

 

For the professionals surveyed, almost two thirds (61 percent) regard BYOD as a serious threat to their enterprise, while 21 percent feared the attacks via IoT devices in the office which include printers, coffee machines, smart assistants, and intelligent lighting. Unless wireless security is taking seriously, this concern of exploitable devices will only increase as the market grows.

Egner added, “With the threat of wireless network attack increasing every day, organisations must implement the tools to actively identify all BYOD, IT, and IoT devices on the wireless network. Further, they need to monitor for indicators of exposure and attack as part of their vulnerability management process to ensure they are not blindsided by the hidden attack surface wireless technologies bring.”

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
73% of organizations lack automated patch management, and 62% experienced incidents involving...
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with...
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to...
Aqua’s cloud native application protection platform becomes the only solution that protects cloud...
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities...