Vulnerability Management

Burgeoning mobile Wi-Fi hotspots present risks to enterprises

Conventional Wi-Fi hotspot sites are fixed and are limited to restaurants, airports, hotels, hospitals, coffee shops, departmental stores, parks and other public places.

However, in the recent times, a new class of Wi-Fi hotspots, generally known as mobile hotspots, is getting popular. Mobile Wi-Fi (Mi-Fi) hotspots are personal devices which easily can be carried and set up at any convenient place, to provide internet access to a limited number of Wi-Fi users and devices.

Consumerization of portable Wi-Fi devices is the main driving factor behind increasing mobile Wi-Fi hotspot options. Some of these are standalone devices, whereas others can be set up in software on a PDA, laptop/netbook or a smartphone. Further, some provide hotspot functionality in Wi-Fi infrastructure mode, while others in Wi-Fi ad-hoc mode.

Mobile hotspots' growing popularity can be gazed from the fact that hotspot-creating applications are becoming popular on the web. Similarly, cellular carriers around the globe are providing and launching Mi-Fi-like devices. With 4G cellular networks now rolling out, mobile hotspot usage is expected to increase in coming times.

However, growing usage of mobile Wi-Fi hotspots is having detrimental effects on corporate security. Hardware options for mobile hotspots, such as Mi-Fi devices and USB Wi-Fi routers, easily can be brought into corporate premises lacking strict physical security. In addition, tools for soft hotspot creation on corporate endpoints and employee smartphones readily are available.

Mobile hotspots are generally set up by employees, visitors and guests for convenience. But such convenience leaves the enterprise security in the cold in one or more of following ways:

Easy, unrestricted internet access: Corporate employees will be able to bypass corporate firewalls and internet access policies when they connect their laptops and notebooks to an active hotspot (with uplink to a cellular data connection). With unrestricted access to the internet, not only is employee productivity at risk, but employees are more susceptible to installation of malware on their machines. Malware can result in disruption of the corporate network, theft of personal and corporate confidential information or improper functioning of the affected machine. Also, the malware can spread to other parts of the network.

Malicious access to corporate endpoints: Mobile Wi-Fi hotspots generally lack strong security controls, so if a personal hotspot signal reaches at places such as a parking lot or outside the premises, then a malicious hacker can connect to this hotspot and achieve access to corporate endpoints associated to the hotspot.

Increased exposure to malicious attacks: Even after the shutdown of a mobile hotspot, the network details are cached in to a connected corporate Windows machine, which causes the machine to search for the hotspot network at a later time. A seasoned Wi-Fi hacker (in range of searching signal) can exploit this in particular cases and can establish a connection with machine to compromise the same in various ways.  

Increased rogue AP risks: Windows 7, USB Wi-Fi routers and smartphone-based hotspots operating over a corporate machine can result in a rouge access point (AP), if, by chance, these hotspots are configured to share the corporate network access available on the machine with their respective hotspot users. A rogue AP provides backdoor/unauthorized access to the corporate network. 

Increased interference to the corporate Wi-Fi network: Operation of hotspots inside the corporate premises causes interference and drives corporate Wi-Fi network performance to lower levels. Very low values of performance occurring due to excessive interference from large number of operational hotspots is analogous to a denial-of-service attack on corporate Wi-Fi. Apple CEO Steve Jobs, at recent iPhone 4 launch, experienced such excessive interference from audience members operating a large number of personal Mi-Fi devices during the launch.

Summary

Considering the effects on enterprise security, the need for 24-by-7 monitoring and scanning for various types of operational hotspots is apparent. To detect and prevent the operation of mobile hotspots, deployment of a wireless intrusion prevention system (WIPS) can be considered. Software mobile hotspots also can be prevented by installing a wireless security agent on to the machines on which these software hotspots are configured.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.