We put the IT in city®

CitySmart Blog

Tuesday, September 11, 2018
Nathan Eisner, COO
Nathan Eisner

As if the City of Atlanta’s cybersecurity issues couldn’t get any worse, a recent Help Net Security article reported that the city’s Wi-Fi was under attack by hackers using phishing techniques. The article notes several techniques that hackers use to attack Wi-Fi access points:

Evil twin: A hacker sets up a fake access point that might share the same name as your legitimate city Wi-Fi. Users log in, reveal sensitive information (like a username and password), and hackers can now snoop on your network.
- Captive portals:After you log into a Wi-Fi network but before you get access, you might see a webpage that pops up asking you to connect, for a password, or for further authentication before you can actually access the internet. A hacker can use a fake captive portal to intercept a user and steal sensitive information.
- Man-in-the-middle attack: A hacker inserts himself in the middle between you and the other person (or system) with whom you are communicating by using an ARP spoofing attack (which is too technical to dive into here). The hacker is then able to eavesdrop and possibly alter the communication.

Your city stores confidential, sensitive, and personal information that is valuable to hackers. And Wi-Fi can be one of your weakest links in your security chain.

Let’s look at why.

1. Cities tend to use unsecured or poorly secured Wi-Fi devices.

It’s tempting to set up a wireless device like you would at home. Go to a retail store, set it up yourself, and you’re wireless! Unfortunately, there’s a good chance that a non-technical employee setting up a consumer-grade wireless device may not know how to secure it properly.

Even in situations when an IT employee or vendor sets up Wi-Fi access, they may attempt to secure it but do so poorly through not setting up a strong enough password, configuring the security settings improperly, or leaving the Wi-Fi devices in a public space without any physical security.

2. Lack of Wi-Fi security gives an opening for criminals to access your network.

When passwords, encryption, software patching, security protocols, and physical security are all weak or non-existent, you create open doors and windows through which a hacker can gain internal access to your network. For example, hackers will “sniff out” Wi-Fi access points to look for ones that don’t prompt them for any password. Gold! Or, they look for Wi-Fi access points with weak encryption so that they can read all the information sent and accessed by your wireless users.

Think of your Wi-Fi access points like doors and windows to a building. You need to lock and protect those doors and windows so that a criminal cannot enter that building.

3. Securing your Wi-Fi access points doesn’t mean using the default password.

A non-technical employee may not think twice about using the default password identified in the Wi-Fi setup when unpackaging the device. After all, it must be a unique password that only you know. Right?

Check out this list of Cisco default passwords. So…no.

Lifewire points out in an article that “The default usernames and passwords for popular models of wireless network gear are well-known to hackers and often posted on the internet. [...] If the default password isn't changed, any attacker or even a curious individual who comes within signal range of an unsecured device can log into it. Once inside, they can change the password to whatever they choose, locking the owner out of the device and effectively hijacking the network.”

4. WiFi configuration is complex and needs someone with technical expertise to set up and monitor.

It is all too common to find WiFi not properly configured and instead left at the default settings. This leaves you open to security risks. Configuration involves technical aspects such as:

  • Security protocols: These affect the level of your WiFi device’s security.
  • Network integration: Connecting your wireless devices to your network involves technical integration such as correlating IP addresses.
  • Adjusting settings for your internet traffic:Configuration settings can affect the speed of your wireless access or leave ports (doorways / paths) open that should be closed.
  • Patching and updates: Like any software, your WiFi device will require patches and updates to eliminate bugs and security vulnerabilities.
  • Monitoring and maintenance: Experienced IT professionals need to monitor and maintain your wireless devices for security issues.

5. No hacker should be able to access your wireless administration.

You might think your wireless devices are safe if IT staff or a local vendor set them up. But we find that many wireless access points are weakly guarded by either no password or a simple password such as “admin.” If a hacker can climb into the administrative functions of your wireless devices, they can wreak havoc on your network—setting their own passwords to block you out, gathering the usernames and passwords of users, and accessing sensitive information.

To learn more about securing your wireless access, read our post that recommends:

  • Securing and locking down all wireless devices.
  • Removing physical wireless access hardware from the public or unauthorized employees.
  • Applying patches and upgrades to wireless devices.
  • Using appropriate wireless hardware and configuring it properly.
  • Monitoring and maintaining your wireless network for security risks.

Securing your wireless access points begins with proper setup, configuration, and deployment by an IT professional. If you’re having issues with or uncertainty about your wireless security, reach out to us today.