Story image

How to ensure stronger security in the multi-front WiFi security battle

14 Sep 17

WiFi is a major part of the government and private sector’s ability to provide internet access to networks and critical applications anytime and anywhere, however WiFi security still has a lot to answer for, according to advice from NETSCOUT.

The number of threats against networks have risen steadily and the company believe this rise is due in part because it’s easy to launch attacks against wireless networks.

"From plugging in cheap unauthorised/rogue access points (APs) in the network, to downloading attack tools from the internet, to buying radio frequency jammers that make the entire wireless spectrum unusable, network and security operation teams are fighting a multi-front WiFi security battle,” comments Netscout’s director of APAC channels, Amit Rao.

The company says the latest wireless attacks and hack attempts can range from snooping and denial of service attacks to cracking and information theft.

“There are often misconceptions around the false security offered by the AP infrastructure to monitor itself. In fact, the AP itself can be a target for hackers.”

Netscout says that in some organisations, it could be necessary to create no-wireless zones in particularly sensitive areas.

These zones can cover certain areas, a whole building or the entire perimeter. Perimeter protection can prevent WiFi drone attacks and stop wireless campers from accessing the network.

“The number one thing is to define the boundaries. Secondly, define the policy for detection. Include things like rogue AP detection, rogue station detection, WiFi pineapples, and honeypot detection, and always refine the company policies. Lastly, define the response when a rogue device has been detected including locating the unauthorised device, deciding who is going to retrieve it, and keeping evidence for potential prosecution,” Rao explains.

"Organisations need to be on the leading edge of detecting the latest wireless threats to meet the security, performance, and compliance demands of today’s mobile workforce. To do this organisations should look for a solution with 24x7 always-on WLAN assurance, an analysis engine for alarm signatures, and dynamic threat updates, comprehensive WLAN reporting, and spectrum analysis,” Rao concludes.

Using blockchain to ensure regulatory compliance
“Data privacy regulations such as the GDPR require you to put better safeguards in place to protect customer data, and to prove you’ve done it."
A10 aims to secure Kubernetes container environments
The solution aims to provide teams deploying microservices applications with an automated way to integrate enterprise-grade security with comprehensive application visibility and analytics.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill. 
One Identity a Visionary in Magic Quad for PAM
One Identity was recognised in the Gartner Magic Quadrant for Privileged Access Management for completeness of vision and ability to execute.
Gartner names newcomer Exabeam a leader in SIEM
The vendor landscape for SIEM is evolving, with recent entrants bringing technologies optimised for analytics use cases.
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
Symantec releases neural network-integrated USB scanning station
Symantec Industrial Control System Protection Neural helps defend against USB-borne cyber attacks on operational technology.
Ramping up security with next-gen firewalls
The classic firewall lacked the ability to distinguish between different kinds of web traffic.