A Hackers Sidearm
An apple a day will keep the doctor away but a pineapple will put you in a world of hurt. A pineapple really? Yes a pineapple. This rogue access point (AP) is what hackers use to mimick Wifi causing the end user to mistakenly log on.
Here is a common scenario you are at the airport and want to catch up on some emails before you board your plane so you check out the local WiFi selections and you see Airport-Wifi-1 and Airport-Wifi-2. Not knowing specifically which one is the best you take a stab at Company-Wifi-1 and log on. Voilà you're signed on. Pretty typical right? This simple event can not only provide some really insightful data about your web traffic but also your precious credentials.
This is a pretty scary yet typical occurrence when it comes to remote workers.
What else can a WiFi Pineapple do?
The Hak5's Wifi Pineapple was designed for penetration testing of networks but is available to sell to the public. Some of the benefits that HAK5 is boosting are targeted man-in-the-middle attacks, advanced reconnaissance, credential harvesting, open source intelligence gathering and more - all from a clean, intuitive web interface. This $100-$200 investment for a hacker is a drop in the bucket when the average cost of a cyber attack for SMBs is $149k according to Kaspersky Lab 2018. Oh I forgot to mention the Nano version is so small it fits in a hackers pocket.
What can you do?
With this being an ultra terrifying ordeal you might ask yourself, what is there to do? One thing that we always recommend is signing up your team for a cybersecurity training. These trainings are essential for bringing your team up to speed with today's cyberthreat tactics and will help create a cybersecurity enforced culture that could save your company money and keep it's doors open.
We at Varay offer these one- time cybersecurity company trainings at no cost. If you want to make an even bigger change the Trusted Wireless Environment Movement has created a petition to standardized Wi-Fi security standards to combat Wi-Fi threats. Whatever you decide to do just be sure to do something. Even if it is just mentioning this article can create awareness on this covert issue.