We have performed multiple wireless pen tests for large and small corporate environments, and we have found time and time again that companies fail to address the basics.

WiFi has become an essential networking utility to conduct business, maintain communication, and increase connectivity. These wireless networks, if improperly configured/secured, may leave a company vulnerable to a wide range of attacks and data theft. It is not always feasible for small companies to maintain proper resources or have the necessary cybersecurity skills to mitigate these threats.

Fortunately, there are some easy steps to take to provide a great defense against possible attackers and keep business information safer.

  1. Change Default Router/Interface Credentials
  2. All hardware involved in networking ships with default credentials. While it may seem safe to keep these credentials in use, they are often well documented and made available for anyone to find via a simple web search. When an attacker attempts to gain access to a wireless network, they test to see if they can get in with default credentials first (and this can easily be made into an automated process). It is one of the easiest ways to infiltrate a network. It’s always a great tactic to create passwords that are at least 16 characters long with a variety of characters such as letters, numbers, special characters, capital letters, and non-printable characters (when they are available). These passwords should be changed on a frequent basis and when employees leave the company.
  3. Update Firmware and Software
  4. Firmware is updated and released on an as-needed basis when vulnerabilities have been found on the hardware. These updates are meant to protect against any vulnerabilities found on the hardware that can be easily exploited. Updating the firmware is as easy as downloading the update and installing it. The same thing for any type of networking or security software a company may utilize.
  5. Use WPA2 or higher
  6. Wireless Protected Access (WPA) is a wireless security protocol that protects wireless networks with AES. WPA2 is currently the standard, which replaced version 1 and is much easier to set up and utilizes a stronger encryption algorithm to protect your device. WPA2 might not be supported on all devices, and if that is the case, WPA with AES may be used instead. WPA3 is also currently being developed and certified and if your device supports it, it provides even greater security than WPA2.
  7. Utilize router firealls and software firewalls and configure properly
  8. Firewalls protect your network by allowing only designated types of traffic in to or out of the network. Make sure that your router firewall is enabled and configured to deny any unwanted incoming and outgoing traffic. You should also utilize a software firewall installed on the device used to connect to the network. Using two firewalls is recommended to provide a layered defense that can kick in if one or the other firewalls fails.
  9. Change network SSID name
  10. The service set identifier (SSID) is the name that the router gives to the network. They usually have a default name that makes it easy to determine the make and model of your router. If an attacker knows what type of router you’re using, they can narrow down the number of vulnerabilities to test against.
  11. Place your router in a secure location
  12. A router that is placed in a very accessible place is susceptible to an attacker who can press the reset button, unplug it, or reboot it easily. This bypasses all the logical controls that were configured on the router. They might even be able to use the WPS button to connect to the network automatically. Further, a router placed by the edges of a building sends its wireless signal outside the building. Placing the router in the center of the building and behind a locked door is recommended.
  13. Disable WPS
  14. Wireless protected setup (WPS) is a technology that allows whoever has physical contact with the router to turn on its device discovery capability. This feature exists to ease the connection setup between a device and the network. It allows the device to connect to the network without the need for a password. This feature can easily be used by an attacker to connect to your network.
  15. Separate the network traffic between public and private
  16. Divide the network into points of access that employees may use and one that the public may use. This isolates the company’s assets from the public, which gives an extra layer of security.
  17. Disable remote access
  18. Some routers will allow a remote administration connection. This should be disabled, and administration should be done while in physical proximity to the device.
  19. Utilized WPA2-Enterprise with RADIUS connected to an Active Directory server
  20. Using a separate server with remote authentication dial-in user service (RADIUS) allows each user a unique set of credentials, as opposed to a single password, to authenticate to the wireless network. This centralized authentication server is also easier to update and control user and password management.