How MSPs Can Get a Leg Up on Their Competition with Wi-Fi Security

I’m a little embarrassed to admit this, but I think about Wi-Fi ALL THE TIME. Not just because Wi-Fi has become a necessity that I can’t live without, but also because I work for a company whose mission is to not only offer Wi-Fi to our partners and customers, but offer them secure Wi-Fi, so that they don’t ever have to worry about their data being compromised by hackers.

When I think about the Wi-Fi market today, it consists of Wi-Fi offerings that are all relatively the same, making it extremely difficult for MSPs to differentiate themselves. When choosing a Wi-Fi solution, simply offering consumer-grade Wi-Fi fails to provide the performance, security, or even scalability that today’s organizations require, while traditional enterprise-grade Wi-Fi comes at high costs with added overhead. This leaves SMBs in search of a middle ground.

So what is an MSP like yourself left to do? Offering a Trusted Wireless Environment that is fast, easy to manage, and most importantly, secure is the way to go. When MSPs offer a Trusted Wireless Environment, they deliver on the three core pillars of market-leading performance, scalable management, and verified comprehensive security, defending their customers against the six known Wi-Fi threat categories:

1.     Rogue Access Point

You own a retail store that has customers coming in and out all day. When it’s busy, it’s impossible to keep an eye on everyone there every second of the day. It’s easy for someone to slip into the wiring closet and plug in the cheapest access point they could get. They can now gain access to the company’s private, secure network and hijack POS systems to reveal credit card numbers and more.

2.     “Evil Twin” Access Point

On your lunch break you decide it’s finally time to update your wardrobe – nothing wrong with that! But a hacker is using an evil twin access point and you’ve now unsuspectingly connected to their copy of your Wi-Fi SSID. Once you go to check out and enter your credit card information to order that new dress, the hacker has your information and is ready to go sell it on the dark web.

3.     Rogue Client

You stop by the same café on the way to work every day. Since you’ve connected to their Wi-Fi network before, your phone automatically connects as soon as you set foot in the door. Unfortunately, that day, someone had set up an evil twin access point, tricked your phone, and infected your phone with ransomware while you’re in range of your private WLAN, for you to take back to the office. As soon as you’re back at your desk, your phone connects to your corporate Wi-Fi and the ransomware is off and running!

4.     Neighbor Access Point

Susan in marketing cannot get through the morning without listening to her favorite new soundtrack. Her phone is almost dead, so she wants to use her company-issued computer to connect to a streaming site. Her company’s firewall restricts access to streaming music, but that’s no worry for Susan – she’ll just connect to the downstairs coffee shop’s unsecure Wi-Fi and start listening away. Unfortunately for you, a hacker is sipping his first cup of coffee, just waiting for her to connect and get to work on accessing your network.

5.     Ad-hoc Network

As a meeting is getting ready to start, Carl’s boss is STILL waiting for that file he promised would be there this morning. It would take him too long to use the corporate-approved secure network file sharing, so he decides to set up an ad-hoc network to send it directly from laptop to laptop. Sending files via AirDrop or AirDroid creates security and legal implications that could affect your organization.

6.     Misconfigured Access Point

An access point gets shipped from corporate to your new office and Charlie, the receptionist, volunteers to set it up! He follows the instructions and installs the access point that’s now broadcasting an open SSID, which is leaking private data like a sieve. You can’t blame him, because he’s not an IT pro, but you’re still left with a misconfigured AP that could be a serious risk to your organization.

None of these threats are new; they have been around since Wi-Fi went mainstream 20 years ago. But one thing has remained the same, and it is shocking to me: there are no security standards around Layer 2 Wi-Fi to keep Wi-Fi users like you and me safe. This is why I’m advocating for change. We all deserve to connect to Wi-Fi we can trust. I want to be able to connect to Wi-Fi at my favorite coffee shop and not have to look around wondering if the person sitting next to me on their laptop is a hacker. Hackers prefer to go after Wi-Fi because it’s the weak link in the security chain and it doesn’t take much to hack into a Wi-Fi network. There are thousands of how-to videos on YouTube and a $99 pen testing tool like the WiFi Pineapple to make any Wi-Fi hack seamless.

We must put a stop to this! Join me and let’s end Wi-Fi hacks together by signing this petition: Every signature we collect will help us partner with organizations such as Congressional Wi-Fi Caucus, WiFiForward, PCI Security Standards Council, Wi-FiNOW, IEEE, and Wi-Fi Alliance to name a few. These organizations help build security standards for businesses around the world and we want to join forces by collaborating with them to make this world a safer place.

Establishing a Global Standard for Wi-Fi Security

When was the last time you thought about the security of your wireless communications? We’re constantly leveraging Wi-Fi networks during business meetings, and at coffee shops, restaurants, airports and more. It’s almost second nature to tap into the local Wi-Fi network wherever we go. And while wireless security and privacy standards have been around for quite some time, none are completely immune to the six known Wi-Fi threat categories. This leaves businesses, employees and everyday users open to data theft and other major security issues.

In his latest Forbes Technology Council column, WatchGuard CTO Corey Nachreiner highlights the shortcomings of existing wireless standards and protocols, and calls for the industry to rally together to establish a global standard for Wi-Fi security that truly protects organizations and their users from every class of Wi-Fi attack. Here’s a brief excerpt from the piece:

The problem is that there are Wi-Fi threats that work regardless of these encryption and authentication protocols. The Evil Twin attack is one such example, where an attacker simply copies the wireless network name (something called an SSID) of a Wi-Fi network you have joined before, such as your official corporate Wi-Fi network. Unfortunately, Wi-Fi clients happily connect to any network with the name they are looking for. Which version of that network they join depends more on the range and signal strength of the network than any other factor.

Even if your real wireless network uses strong WPA3 encryption to make sure only authenticated clients join it, your phone or laptop will connect to a fake version of that network, even without any wireless security enabled at all. While Wi-Fi security standards have protocols that can protect you when you join the right network, they don’t have industry-wide security technologies that keep your devices from unknowingly connecting to evil fake networks (the Mystique version).

Beyond the Evil Twin attack, other examples of Wi-Fi threats today include ad-hoc or peer-to-peer wireless networks, rogue access points, rogue clients and more. For more information on all six of the known Wi-Fi threat categories, check out the Trusted Wireless Environment (TWE) movement. This movement outlines the threats that WPA3 and other Wi-Fi security standards don’t currently detect and prevent and is gathering support for the development of a better worldwide Wi-Fi security standard.

It’s clear that we need to standardize new wireless security technologies that not only encrypt users’ wireless communications but ensure wireless devices aren’t tricked into joining networks without any security. The good news is that there are methods organizations can use to defend against each Wi-Fi attack category. Generically, solutions that provide Wireless Intrusion Prevention System (WIPS) provide extra layers of security that not only discover bad actors on your wireless network or within your wireless proximity but can actively prevent your devices from connecting to evil networks or block attackers from completing their attacks.

Read the full article on Forbes for more information on the weaknesses of today’s wireless security standards. And to help advocate for a new worldwide Wi-Fi security standard, sign the Trusted Wireless Environment movement petition today.

How MSPs Can Differentiate with Secure Wi-Fi

The Wi-Fi market is one of the most established and mature in the broader IT landscape. Wi-Fi vendors produce highly similar product offerings with highly similar capabilities, making it increasingly challenging for managed service providers (MSPs) to differentiate themselves in a crowded field of wireless service competitors.

Fortunately, there’s a clear answer to this problem, which WatchGuard’s resident Wi-Fi expert, Ryan Orsi, covers directly in his recent guest blog post and podcast segment with Auvik, a leading provider of network management software for MSPs. Ryan explains that offering Trusted Wireless Environments is the most effective way for IT solution providers to stand out and differentiate their wireless services. Here’s a brief excerpt from the blog post:

“The Trusted Wireless Environment framework is a guide to building Wi-Fi networks that are fast, easy to manage, and most importantly, secure. The framework helps you defend clients from the six known Wi-Fi threat categories.

I challenge you to find a business of any size that doesn’t have Wi-Fi. Businesses spanning every vertical, and crowded public places like coffee shops, conferences, and train stations, are perfect places for a hacker to take advantage of the six attack vectors.”

To learn about each of the six known Wi-Fi threat categories and how the Trusted Wireless Environment framework can help you defend against them and differentiate from the competition, check out the complete blog post and podcast at Sign the Trusted Wireless Environment movement petition today to help us make the world a safer, more secure place by advocating to establish a global standard for Wi-Fi security.

How to Enhance Wi-Fi Security Controls for PCI DSS

The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted and mature information security standard designed to secure credit/debit card transactions and protect cardholders against misuse of their personal information. But, more could be done to help protect against Wi-Fi Layer 2 attacks such as flooding an access point (AP) with de-authentication frames, cracking WPA2/WPA3, and connecting a Rogue AP onto the network that allows attackers to siphon cardholder data over Wi-Fi.

To help educate readers on these major security challenges, WatchGuard recently worked with Wayne Murphy, a passionate Senior Security Consultant at Sec-1 Ltd, on a blog post that addresses today’s growing Wi-Fi security vulnerabilities and threats. What Wi-Fi threats should you be worried about? Wayne outlines each of the six known threat categories, as defined by the Trusted Wireless Environment framework, in this new PCI Ramblings blog post. Here’s a sample of the first two:

“Rogue Access Point: Rogue access points are physically connected to an organisation’s IT infrastructure without their knowledge. These APs will then provide the threat actor with connectivity into the organisation’s networks and IT systems. From here, the threat actor will attempt to compromise the system components being used by the organisation. Think of a Rogue AP like a long invisible ethernet cable that attackers can use to connect to a company’s Local Area Network (LAN) and comfortably work their way into the rest of the network over a Wi-Fi connection.

Rogue Client: A rogue client is a client that is authorized on the wireless network but has been compromised by malware. This can occur if the client has been involved in an “Evil Twin” attack, which has resulted in malware being installed. The risk is that the malware that the client has been infected with could spread through the organisation’s environment.”

Read the entire post to learn more about these Wi-Fi threats, along with neighbor APs, ad-hoc networks, evil twins, and misconfigured APs. To join the Trusted Wireless Environment Movement, click here. For more information on WatchGuard Secure Wi-Fi solutions, click here.

Coffee and Wi-Fi with Ryan Orsi

On May 14-16 Washington D.C. hosted Wi-Fi NOW 2019 USA ‘Celebrating 20 Years of Wi-Fi’ conference and expo. Surrounded by all the Wi-Fi industry players who gathered together to present and discuss future opportunities and challenges – it was the place to be! For three days, the conference agenda was packed with inspirational keynote speakers, innovators, and experts. At the expo, you experienced live demos and had the opportunity to connect with companies representing every aspect of the Wi-Fi industry.

While at the event, I took the opportunity to connect with Ryan Orsi, director of product management, at a nearby coffee shop. As we sat down, it felt appropriate to ‘cheers’ with our coffee mugs and offer congratulations, since shortly before Ryan delivered the message about just how vulnerable Wi-Fi users are, that there is not enough education about the very real threats they’re up against when using Wi-Fi every day, and the need for new Wi-Fi security standards. Here’s a recap of our Q&A:

MB: We are celebrating the 20th anniversary of Wi-Fi. Where do you think Wi-Fi will be 20 years from now?

RO: To try to think about where Wi-Fi will go in the next twenty years is a tall order. If I forget, for a moment, what APs and client devices look like today as well as their limitations like battery life, security of the connection, and just think about what kinds of problems the world twenty years from now will need to solve, I see everything getting faster, smaller, and more secure. We all love the convenience of staying connected wherever we go and we like information coming to us in more visual and interactive ways. We also hate carrying bulky electronics around or slapping big honking devices around our homes and offices that ruin the Feng Shui going on. This means that twenty years from now versions of us are going to want everything, literally everything connected and it better be fast, inexpensive, tiny (not implying Zoolander size mobile phones) and not leak personal or business information. I’ve seen brilliant advancements in antenna technologies that could allow Wi-Fi devices to be made much smaller and other technologies like energy harvesting that could power Wi-Fi devices with no batteries. I also think the average person is going to hear the message about Wi-Fi security and the pressure to design better security into Wi-Fi devices will be very high. Over time, I think these kinds of advancements, and more I’m not even thinking of now, will become cost-effective and we’ll all be enjoying secure Wi-Fi connectivity in whole new ways twenty years from now.

MB: Over 90% of people find Wi-Fi the most important amenity when they travel. Why do you think the general public is not as cautious about connecting to public Wi-Fi as they should be?

RO: Have you ever seen those caution signs on the jetway when you board a plane that warn people that there are chemicals nearby that are known to cause cancer, birth defects and other medical problems? Rhetorical question there. I travel a lot – like, a lot – and have never seen a single person read the sign and do a one-eighty. So these warning signs are there to educate us, raise awareness of a serious issue that affects our health and still most everyone ignores them. When’s the last time you saw a warning message on a public hotspot saying “use the Wi-Fi at your own risk, everything you’re doing could be stolen by someone nearby”? We have a long way to go in just raising the general public’s awareness to the seriousness of the dangers of using Wi-Fi that’s not properly protected from well-known hacks. That’s one of the reasons we brought the Trusted Wireless Environment Framework into the industry. For the first time, people can have their Wi-Fi tested to see if it’s safe from the six attacks that have literally been around for twenty years. I think it should empower hotspot network operators to test their Wi-Fi security and if it passes the test, advertise it to let people know “this Wi-Fi can be trusted, and you won’t be hacked”.

MB: Every presenter at the Wi-Fi NOW 2019 touched on Wi-Fi 6. Is it really that much faster?

RO: Faster is just one benefit and I should say faster in a real-world dense environment. Those of us who have been around wireless for a while don’t get too excited about cabled laboratory speed tests. Wi-Fi 6 brings OFDMA among other features that will really make users in the real world feel Wi-Fi work better, more reliably, and yes faster. I’m excited about where Wi-Fi will go with this sixth generation. If you think about areas you tend to turn Wi-Fi off on your phone because it just “doesn’t work” and go try cellular, many of those use cases could now be addressed much better with Wi-Fi 6. Large indoor public areas come to mind, for example. The future is bright for Wi-Fi thanks to the folks that have put together this sixth generation; can’t wait to see where we go from here.

MB: And does Wi-Fi 6 mean better security?

RO: Some people mix in WPA3 into the discussion about Wi-Fi 6 and that’s fair because most vendors are going to support WPA3 with their Wi-Fi 6 products. So yes, WPA3 is better than WPA2, which was completely cracked in 2017 and shocked many of us; that in fact WPA2 had been broken for ten years before the whistle was blown. Without going too deep, one of the security improvements of WPA3 is that people shouldn’t be able to passively sniff traffic as easily anymore as is common with malicious and even bored people at hotels, airports, and so on. Also, it’s a bit of a sore subject but WPA3 should eliminate the easy-to-do “handshake” Wi-Fi password cracking techniques that WPA2 suffered from. Sore subject because the Dragonblood vulnerabilities, now patched, showed that WPA3 could still be vulnerable.

MB: Since we’re talking about Wi-Fi security, why do you think the Wi-Fi industry has not adopted any standards around Layer 2 security?

RO: Most all the demand over the last twenty years has been for connectivity and performance. The industry isn’t going to build something if they don’t think their market wants it. I definitely want this to change and I think vendors that normally compete need to come together and design new security into the Wi-Fi standard that solves these hacking problems for the average person without them having to take additional steps beyond what they do today: tap or click to connect.

MB: I’ve been following #TrustYourWiFi hashtag on social media and see that you’ve been traveling the world advocating for safe Wi-Fi for everyone. Where are you off to next?

RO: What a first half of 2019 it’s been! Spain, Germany, Chile, Italy, The Netherlands, Denmark, Sweden, Puerto Rico, Washington DC, Croatia and I’m probably forgetting some stops. I go where people want to learn what they’re up against with Wi-Fi security. One of my next stops is going to be in Utah where members of the AIM (an Association for Information Management – security) group want to learn.

With just minutes left of our meeting, I couldn’t resist and snuck in a few non-Wi-Fi-related questions (you’re welcome!):

MB: How do you spend your free time?

RO: Anytime there’s not a laptop, camera, or AirPod around, I’m spending time with my wife and two young boys in San Diego. Everything we do, we do as a team like day hiking 14-mile trails, camping, crawling the zoo, or living it up on the Coronado Island beaches. Let’s say Team Orsi works hard and plays hard, too.

MB: What’s one food item you can’t live without?

RO: Avocado. I’m unapologetically Californian and we put that amazing fruit on many things.

MB: What are you reading right now?

RO: Astrophysics for People in a Hurry by Neil deGrasse Tyson. Nerd alert, I love space, string theory, dark matter and energy.

MB: Favorite place you’ve ever visited?

RO: That’s a hard one but Tarragona on the Mediterranean coast of Spain is near the top of the list. My wife and I took the boys there last summer and the place was amazing.

MB: If you weren’t a director of product management, who would you be and why?

RO: Product management is pretty fulfilling, especially at WatchGuard where I get to make an impact and that’s really what drives me is to be able to impact the world nudging it to a better future. If I was in one of Neil’s parallel universes, I suppose I’d be your Californian tech startup entrepreneur. I’ve done several startups and highly recommend everyone get that experience at least once in life!

And it’s a wrap, folks!

At the end of the day, it’s critical every organization understands that most Wi-Fi products available today simply aren’t enough when it comes to the level of security they can provide, and for users to remain educated about the very real threats they’re up against when using Wi-Fi every day.

To join the Trusted Wireless Environment Movement and advocate for a global security standard for Wi-Fi visit

Until next time!

Great Wi-Fi Security Comes in a Small & Affordable Package

Where other enterprise-grade Multi-User MIMO (MU-MIMO) access points (APs) focus only on serving up Wi-Fi to users, the new AP125 model does this and also blocks hackers from stealing passwords, credit cards, and other valuable data from you. More and more devices are leveraging Wi-Fi connectivity. This trend isn’t expected to slow down anytime soon, and while your customers and employees demand access to fast Wi-Fi, you might not know the huge gap it’s leaving in your security.

Wi-Fi served by WatchGuard’s AP125 is built using the Trusted Wireless Environment framework. When deployed, companies can rest assured that they are protected by verified, comprehensive security that automatically detects and prevents the six known Wi-Fi threat categories, while enjoying the benefits of Wi-Fi networks with market-leading performance and scalable management.

What’s more, WatchGuard’s secure Wi-Fi products are compatible with most other Wi-Fi solutions, so companies can leverage them to deploy a WIPS overlay without ripping out and replacing every existing AP in their network (Meraki, Ubiquiti, Ruckus, etc). For more information about managing the AP125 as a dedicated WIPS sensor, click here.

“When customers ask for Wi-Fi, they want to make an investment into a future-proof infrastructure with the best technology available to date,” said Jean-Pierre Schwickerath, head of IT, HILOTEC AG. “With the 2×2 Wave 2 AP125 we found the perfect match for these SMB requirements: it has a low footprint, a most attractive price, and easy installation, configuration and management of the whole network out of WatchGuard’s Wi-Fi Cloud. With this powerful little beast, we can deliver and guarantee a high-quality Wi-Fi network, protected by WIPS, which will make the customer happy for many years to come.”

The AP125 can be managed with either a Firebox, via the Gateway Wireless Controller, or with WatchGuard’s Wi-Fi Cloud. When managed by the Wi-Fi Cloud, you get strong set-up, management and reporting features including:

  • Patented Wireless Intrusion Prevention System (WIPS) protection against the six known Wi-Fi threat categories
  • Intelligent Network Visibility & Troubleshooting
  • Engaging Guest Portal Experiences
  • Powerful Location-Based Analytics
  • Scalable Management

Take our Wi-Fi Cloud for a test drive:

To join the Trusted Wireless Environment movement and advocate for a global security standard for Wi-Fi, click here.

To learn more about WatchGuard’s Secure, Cloud-Managed Wi-Fi visit:

Why WPA3 Is Not a Cure-all for Wi-Fi Hacking

Do you remember the Key Re-installation Attack or “KRACK attack” news from 2017? Most of us will never forget. When one researcher uncovered a number of vulnerabilities present in WPA2’s 4-way handshake, the world was shocked to realize that such a trusted standard’s encryption could be defeated so easily. In response, the Wi-Fi industry rallied together to develop an improved standard with better security – WPA3.

Although WPA3 is leaps and bounds better than its predecessor, we need to be wary of the Wi-Fi security threats that persist in spite of it. That’s why Ryan Orsi, director of product management for Wi-Fi at WatchGuard, just published a guest article on RCR Wireless that outlines the top Wi-Fi attacks we all face today and how building a Trusted Wireless Environment can protect against them. Here’s Ryan’s take on WPA3:

These enhancements in WPA3 have been warmly received within the industry, but despite its security improvements, at least one of the six Wi-Fi threat categories – Rogue AP, Rogue Client, Evil Twin AP, Neighbor AP, Ad-Hoc Networks, and Misconfigured APs – can still be used to compromise WPA3 networks. Each of these types of threats represents a unique method attackers can use to either position themselves as a MitM or eavesdrop on network traffic silently.

The Evil Twin AP attack, for example, is very likely to be used in Enhanced Open Wi-Fi networks, since OWE can still take place between a victim client and an attacker’s Evil Twin AP that is broadcasting the same SSID, and possibly the same BSSID as a legitimate AP nearby.  Although OWE would keep the session safe from eavesdropping, the victim’s Wi-Fi traffic would flow through the Evil Twin AP and into the hands of an MitM, who can intercept credentials, plant malware, and install remote backdoors.

Although passive eavesdropping on open Wi-Fi networks will likely become a thing of the past, one very critical missing piece to WPA3 is that humans and client devices connecting to an SSID still have no way to confidently know that the SSID is being broadcasted from a legitimate access point or router. The SSID can still be broadcasted, with WPA3 enabled, from a malicious Evil Twin AP, for example. To help combat these types of widespread Wi-Fi vulnerabilities, more and more IT departments are creating Trusted Wireless Environments that are capable of automatically detecting and preventing Wi-Fi threats.

For more information on today’s most prevalent Wi-Fi threats and why WPA3 alone isn’t enough to protect against them, read the full article on RCR Wireless. At the end of the day, it’s critical every organization understands that most Wi-Fi products available today simply aren’t enough when it comes to the level of security they can provide, and for users to remain educated about the very real threats they’re up against when using Wi-Fi every day.

The 6 Threats Every Wi-Fi System Should Be Able to Prevent

Wi-Fi has become an integral part of everyday business and life in general, yet Wi-Fi security still doesn’t receive as much attention or investment as it should. According to Wi-Fi NOW, nearly 75 percent of US smartphone traffic runs over Wi-Fi, as of Q4 2018. This spells a significant amount of opportunity for bad guys looking to attack unsuspecting users over under-secured or unprotected Wi-Fi connections. Due to the overall rise of smart devices and their reliance on Wi-Fi networks, we can’t afford to wait any longer to get serious about redefining Wi-Fi with security in mind.

What types of security threats target Wi-Fi specifically? In his latest guest article for Network Computing, Ryan Orsi, director of product management at WatchGuard, details the six known Wi-Fi threat categories your network must be able to block, and why more IT departments are developing Trusted Wireless Environments capable of automatically detecting and preventing them. Here’s a quick look at the first threat:

Rogue APs: A rogue AP is an AP that has been physically connected to a network without explicit authorization from an administrator. It’s an instant PCI-DSS violation. Rogue APs are connected to the authorized network, allowing the attackers to bypass perimeter security. Wi-Fi systems need to detect if a signal in the air is being broadcast from an AP physically connected to the authorized network. If so, it needs to be able to prevent the Rogue AP from gaining access to the LAN, which is typically done via ARP poisoning. It should also be able to prevent Wi-Fi clients from associating to it, usually via a surgical flood of deauthentication frames.

Read the full story on Network Computing to learn about the other five Wi-Fi threat categories you need to be aware of today. For more information about the Trusted Wireless Environment movement and how to build one, visit here. And be sure to sign up for the Secplicity Email Newsletter for more Wi-Fi security news and best practices!

This Twenty-Year Old Hack Still Beats Most Wi-Fi Access Points – And Here’s Why


Wi-Fi is the most popular wireless networking protocol in the world and has existed for almost 20 years, but in that time, the layer two surface has remained largely undefended from many wireless attacks. Our Director of Product Management and resident Wi-Fi expert Ryan Orsi recently wrote a guest blog for Dark Reading, which explains how Wi-Fi security is lagging across the wireless industry and digs into the details of one particularly dangerous Wi-Fi threat – the Evil Twin AP. 

The Evil Twin AP works by using 802.11 radios to broadcast the same SSIDs as legitimate Wi-Fi access points, tricking victims’ devices into associating with the attacker’s device instead of the intended AP. Now the victim’s traffic flows through the attacker’s AP and they can manipulate or spy on the victim’s internet activities. Here’s an excerpt from Ryan’s article about the consequences of this attack:

“This entire process is used to allow attackers to establish MitM positions from which they can siphon packets and inject malware or backdoors onto victim devices for remote access. Once in a MitM position, the attacker has complete control over the Wi-Fi session. These cybercriminals can leverage well-known tools to duplicate popular login forms for social sites or email hosting platforms, intercept the credentials in plain text, forward them to the real websites, and log in the user. As the target, you might believe you’ve simply logged in to your email account as always — but in reality, you have handed your credentials over to an attacker.”

The Evil Twin is widely known in hacking communities and it’s very effective. In fact, the US Department of Justice recently charged agents from the Russian military hacking group GRU with using an Evil Twin attack to steal credentials and force malware onto targets like anti-doping organizations and chemical testing labs.

So how do you prevent this kind of attack? As an individual, you can use a Virtual Private Network (VPN) while connected to Wi-Fi in order to conceal your traffic from an Evil Twin attack. Businesses should use Wi-Fi solutions that leverage Wireless Intrusion Prevention System (WIPS) capabilities to detect and prevent wireless attacks, but be aware that these products vary widely in their effectiveness. As a matter of fact, according to a recent Miercom test of APs from major networking vendors, only WatchGuard’s Secure Wi-Fi access points proved capable of automatically detecting and preventing every known Wi-Fi threat category.

This is part of a larger issue with security in the Wi-Fi industry. Most of the R&D in the past several years has gone toward improving the range, throughput and connectivity of APs, while security has been neglected. That’s why WatchGuard developed the Trusted Wireless Environment Framework, a guide to building complete Wi-Fi networks that are fast, easy to manage, and most importantly, secure. Without more education on what Wi-Fi security threats exist and how to design networks that protect against them, threats like the Evil Twin attack will persist.  
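The checks a WIPS-style monitor has to make for the Evil Twin described above, and for the Rogue AP test quoted in the earlier post (is the signal in the air coming from a device plugged into the authorized LAN?), can be sketched as a classifier over one scan. This is an added example, not WatchGuard's WIPS code or code from any of the quoted articles; the inventory format, the wired-MAC list, the "BSSID within one of a wired MAC" heuristic, the verdict names, and every SSID and MAC address below are constructed assumptions, and only the four AP-side threat categories are covered.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str
    security: str  # "open", "owe", "wpa2-psk" or "wpa3-sae"
    channel: int


def norm(mac: str) -> str:
    """Normalise a MAC address to lower-case, colon-separated form."""
    return mac.lower().replace("-", ":")


def mac_int(mac: str) -> int:
    return int(norm(mac).replace(":", ""), 16)


def on_wire(bssid: str, wired_macs, window: int = 1) -> bool:
    """Assumed heuristic: many APs derive their radio BSSID from the wired
    MAC, so a BSSID within +/-window of a MAC learned on a switch port
    suggests the radio belongs to a device plugged into the LAN."""
    b = mac_int(bssid)
    return any(abs(b - mac_int(m)) <= window for m in wired_macs)


def classify_scan(scan, authorized, wired_macs):
    """Return [(beacon, verdict)] for one scan window.

    authorized maps BSSID -> (ssid, security, channel) as provisioned.
    """
    our_ssids = {ssid for ssid, _, _ in authorized.values()}
    # Authorized BSSIDs whose correctly configured beacon is on air right now.
    healthy = {
        norm(b.bssid) for b in scan
        if authorized.get(norm(b.bssid)) == (b.ssid, b.security, b.channel)
    }
    verdicts = []
    for b in scan:
        bssid = norm(b.bssid)
        expected = authorized.get(bssid)
        if expected == (b.ssid, b.security, b.channel):
            verdict = "authorized"
        elif expected is not None:
            # Our BSSID, but not as provisioned. If the genuine beacon is also
            # present, this one is a copy with a cloned BSSID; if it is the
            # only sighting, our own AP has drifted from its configuration.
            verdict = "evil_twin" if bssid in healthy else "misconfigured_ap"
        elif on_wire(bssid, wired_macs):
            verdict = "rogue_ap"      # unknown radio attached to our LAN
        elif b.ssid in our_ssids:
            verdict = "evil_twin"     # our network name from an unknown radio
        else:
            verdict = "neighbor_ap"   # someone else's network in range
        verdicts.append((b, verdict))
    return verdicts


# Constructed sample data (locally administered MAC addresses).
AUTHORIZED = {
    "02:00:00:aa:00:10": ("CorpWiFi", "wpa3-sae", 36),
    "02:00:00:aa:00:20": ("CorpWiFi", "wpa3-sae", 149),
}
WIRED_MACS = ["02:00:00:aa:00:0f", "02:00:00:aa:00:1f", "02:00:00:bb:00:41"]
SCAN = [
    Beacon("CorpWiFi", "02:00:00:aa:00:10", "wpa3-sae", 36),   # as provisioned
    Beacon("CorpWiFi", "02:00:00:ee:00:01", "open", 6),        # same SSID, no security
    Beacon("CorpWiFi", "02:00:00:AA:00:10", "wpa3-sae", 11),   # cloned BSSID, 2nd channel
    Beacon("FreeCafe", "02-00-00-BB-00-42", "open", 1),        # next to a wired MAC
    Beacon("CorpWiFi", "02:00:00:aa:00:20", "open", 149),      # our AP, now open
    Beacon("CoffeeShop", "02:00:00:cc:00:07", "wpa2-psk", 11),
]

if __name__ == "__main__":
    for beacon, verdict in classify_scan(SCAN, AUTHORIZED, WIRED_MACS):
        print(f"{verdict:16} {beacon.ssid:10} {norm(beacon.bssid)} "
              f"{beacon.security:9} ch{beacon.channel}")
```

A twin that clones SSID, BSSID, security mode and channel all at once is indistinguishable on these four fields; telling it apart needs signals outside this sketch, such as signal strength or beacon timing.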

To learn more about the Evil Twin attack, read Ryan’s full article in Dark Reading. You can find out more about Wi-Fi security here on Secplicity, and watch our video demo of an Evil Twin AP here.

You Have 99 Problems; Securing Your Wi-Fi Should NOT Be One of Them

Prepare to be amazed in the Putting the “Why” in Wi-Fi Security webinar.

With Wi-Fi vulnerabilities like the “Evil Twin” access point making global headlines, it’s not just about Wi-Fi connectivity anymore—security needs to come first. Wi-Fi security is a complicated technology area, and security-related messaging coming from many vendors creates more confusion than clarity. To remedy this industry challenge, WatchGuard has introduced the Trusted Wireless Environment Framework for building a complete Wi-Fi solution that is fast, easy to manage, and most importantly, secure—automatically blocking attacks coming from the six known Wi-Fi threat categories.

In this webinar, Ryan Orsi, Director of Product Management at WatchGuard, and Miercom CEO Robert Smithers uncover what it takes to test the security efficacy of Wi-Fi access points. You’ll hear first-hand from Robert about how WatchGuard’s Wi-Fi stacks up against the other AP vendors: Cisco Meraki, Aruba, and Ruckus.

In the meantime, download the Wi-Fi Security report for a sneak peek at the test results, and ask your IT colleagues or service providers to make sure that your Wi-Fi network meets the security standards defined by the Trusted Wireless Environment Framework.