Do you travel a lot? If so, do you use your smartphone, tablet, or notepad computer in airports or hotels? Even if you aren't a road warrior, do you use any of the aforementioned devices in public places like coffee bars?
WiFiWall 5.0 Traveler (Image source: WiFiWall.com)
In my case, I would answer with a resounding "Yes" to all the above. Of course, just about everyone these days knows that public Wi-Fi is subject to nefarious folks mounting all sorts of attacks on our systems. Unfortunately, most folks don’t realize just how grisly the situation is, because these cyberattacks can come from multiple directions in a variety of forms, such as:
- Rogue Access Point: The attacker creates a malicious Wi-Fi access point (AP) whose name looks temptingly reliable, like “Free Hotel Wi-Fi 24/7” for example.
- Evil Twin Access Point: The attacker creates an identical AP to the one you typically use in the airport, hotel, etc. As a result, you think you are connecting to the real AP, but you are instead connecting to the fake AP, at which point the attacker has you over a barrel and can do what they wish, like injecting malware via a splash screen, for example.
- Connection Hijack: In this case, the attacker can hijack your traffic and, in the case of an open Wi-Fi network, read, copy, and/or modify your data.
- Man-in-the-Middle Attack: In this case, the attacker places himself (or herself) between you and the AP, funneling all of your traffic through his (or her) machine.
The more techno-savvy among us use a virtual private network (VPN) on our machines. The VPN establishes an encrypted "tunnel" between our device and our targeted destination. So, if we use a VPN, we are 100% safe -- right? Ooh, I'm sorry, but it turns out we're still looking at the world through rose-tinted spectacles because we aren’t safe at all.
I was just chatting with Roi Keren at WifiWall. Roi told me that, "One of the biggest misconceptions people have is that using a virtual private network (VPN) secures their Wi-Fi connections against attack. It doesn't! VPN does a very good job on layer 4 and higher (of the OSI model) when TCP/IP is already established. This is fine if you're on wired communications, but when you're utilizing Wi-Fi, then layers 2 and 3 are not covered at all. The control management frames are not encrypted even with a VPN, and an attacker can re-initiate your connection any time he or she wishes (thus re-initiating your VPN client as well). It's like having a house with a state-of-the-art security, but then leaving your basement door wide open."
Happily, the folks at WifiWall offer solutions to this cybersecurity hole in the form of WifiWall Traveller and WifiWall Dome.
WifiWall, WifiWall Traveler, and WifiWall Dome
Now, some of this can take a bit of effort to wrap your head around, so let's take it step by step. WifiWall Ltd. (or just WifiWall) is the name of the company.
WifiWall Traveler is a standalone unit that can protect travelers like you and me and our devices while connecting to any public WiFi network. WifiWall Dome is a service whereby the folks at WifiWall deploy their devices throughout an organization's establishment (hotel, airport, company, coffee bar) in order to protect their WiiFi networks and users.
Let's start with WifiWall Dome, which is designed to protect medium to large deployed Wi-Fi networks. WifiWall Dome involves mounting a miniature WifiWall device next to each existing access point in the establishment. Following installation, WifiWall Dome constantly analyzes all Wi-Fi traffic and APs in the vicinity to detect and identify malicious and suspicious 802.11 activity. Deployed Dome devices autonomously detect and analyze Wi-Fi attacks, including rogue access point, evil twin, DDOS, KRACK attacks, man in the middle attacks, active scanner, channel switching, and more. The processed data is sent to the WifiWall Web Management Application, where all devices are centralized and managed.
Visualizing a facility protected by WifiWall Dome (Image source: WiFiWall.com)
Now let's consider the WifiWall Traveler, which protects individuals against a wide variety of cyberattacks, including the ones discussed at the beginning of this column. The latest generation of this device boasts a full Ubuntu machine with 64GB flash, 1.8 GHz quad-core arm CPU, and dual band Wi-Fi (2.5GHz and 5.0Ghz) -- all presented in a package half the size of a computer mouse that can slip inside your pocket.
My initial thought was that all of the communications from your device to the wireless AP would pass through the WifiWall Traveler, but that's not the way it works. Instead, you "introduce" your devices to the WifiWall Traveler, so it knows who they are. When you subsequently connect to a public Wi-Fi, your WifiWall Traveler will "sniff" all of the wireless packets as they fly around, paying particular attention to any packets coming from and to your devices.
If it detects an attack, WifiWall Traveler will instruct your device to kill its connection to the Wi-Fi (it does this by sending a Channel Switch 802.11 command to your device), thereby blocking the attack and preventing any damage to your system and your data. It also alerts you via a free app that you've previously downloaded to your smartphone.
The new WifiWall Traveler devices will become available sometime in the next couple of weeks. I cannot wait, because the folks at WifiWall are going to send me one to play with. Now I know how dire things are, I cannot wait!
About the AuthorFollow on Twitter Follow on Linkedin Visit Website More Content by Clive Maxfield