Rogue Wi-Fi Access Points

Staying connected while on the move is not easy. That’s exactly where wireless access points come into the picture. They are convenient and a time saver. Unfortunately, public access points come with a myriad of security issues, which make them risky. They can get you when you least expect. Experts refer to these things as RAPs or Rogue Access Points.  They seem to be everywhere, e.g. restaurants, hotel lobbies and schools. They even pop up at hospitals and airports.  A network label at a public facility may be designated as ‘Jack and Jill’. But someone may have set up a RAP version that reads ‘Jack and Ji11’.  So yes, you should care about rogue Wi-Fi access points.

How RAPs Work

Security savvy IT experts can tell the difference between genuine access points and Rogue Access Points.  Laymen cannot. The people behind them often have sinister motives. In less benign instances, the objective may be to pull off an MITM attack, which experts fondly refer in full as Man In The Middle Attacks. Tools like Ettercap are common in such instances. They make gullible victims believe that they are genuinely interacting with valid endpoints. Before they know it, they have already shared vital data with third parties. The third party then controls data flow while staying silent in the background, skimming and observing credentials. RAPs can also be used to flood networks with random data so as to create a denial of service and exploit situation.

How To Protect Yourself

It is hard to tell rogue wi-fi access points while on the move. The best you can do is to switch off ‘auto-join’ or ‘auto-connect’ on your mobile device. This is not enough though. You must also enable server verification on the client’s side. You can also try to deploy Wi-Fi protection hardware or applications. Be sure to connect to a private proxy server before connecting to other networks. That way, you can be that your data traffic is well-encrypted. The data traffic will turn out to be useless should an attacker tries to intercept it.

Network Data Exfiltration Through RAP

This happens when the rogue access point injects malware into a system solely to steal data and files on a network and its connected devices. To achieve such a heist, the rogue access point is logically positioned to ensure that the haul does not get past boundaries that have been set up by intrusion detection systems. For the person behind the attack, this is like using a side road to bypass guards at different checkpoints and eventually forcing his or her way to the main road.

What Should You Do?

The threat of having someone compromise your device is real. But the threat goes beyond just your handheld device or laptop. Once your device has been connected to a rogue access point, the entire Wi-Fi system can be easily compromised, leaving other users exposed to threat. Office operations can then be paralyzed or remotely shut down. Things you can do include investing in scheduled system maintenance, updating passwords regularly, and only use safe proxies.