Scorpiones Group

Wi-Fi Penetration Testing

Many business owners believe that they aren’t in risk of being attacked by a hacker.
A hacker doesn’t care whether your company has 10 employees or 1000, he will still try to hack your system.

From the release of the first 802.11 wireless networking protocol,
WiFi networks have grown in popularity to become the main connectivity solution for many users worldwide,
with 800 million new devices being manufactured every year.
Early WiFi networks has been proved to be highly insecure, facilitating the cracking of access keys within a matter of hours or even minutes.
Later implementations have stood the test of time and today the ability to configure a secure WiFi environment is within the grasp of any organisation.

As with many encryption technologies, however, the default configuration is often not secure, and can introduce technical vulnerabilities that sometimes are not widely documented.

Scorpiones’s WiFi security assessments provide a cost-effective way to measure the security of your WiFi network(s) against best practice, and make real-world recommendations for identified issues.

What is our team testing?
The following is a general overview of the type of common WiFi vulnerabilities that we test for during a penetration test, and should not be considered exhaustive.

Unencrypted WIFI misconfiguration
Many organisations provide an unencrypted "guest" WiFi network for BYOD and corporate guest Internet access.
While the majority of these types of network are considered low risk by their very nature,
they can introduce a number of potential attack vectors:
Endpoints themselves can potentially be attacked from another connected device.

Legacy Encryption
While flaws in older encryption technologies such as WEP (Wire Equivalency Protocol) are well understood,
some legacy hardware devices such as barcode scanners do not support newer, more secure alternatives.
The use of legacy encryption protocols, sometimes with additional compensatory controls masking the issue, is necessary.

Weak Encryption Keys Encryption is only as effective as the encryption key used.
It is often assumed that newer WPA/WPA2 PSK (Pre-shared Key) encryption algorithms are immune from attack.
This is simply not the case. Without any knowledge of the encryption key, tools such as aircrack-ng can force legitimate WiFi clients to deauthenticate and reconnect to the network.
By capturing the four-way reconnection handshake, a dictionary attack can be attempted, rendering weak and predictable encryption keys retrievable.

Evil Twin Attacks
Evil twin attacks involve introducing a malicious access point advertising a legitimate network name in order to fool devices into connecting to it.
Once connected, a number of potential attacks can be attempted.

Wi-Fi Penetration Testing - Identify Wireless Security Vulnerabilities There isn’t an "All in one" solution that fits to every network, but being proactive and keeping your network hardware and software up to date is a universal must do.
Modern networks and firewalls utilize cloud technology to remain continuously updated with firmware and cyber defense updates.

Contact us now for a network evaluation and WiFi vulnerability check.

Tags: WIFI Penetration Testing

Contact Us