Endpoint Security , Governance & Risk Management , IT Risk Management

Finding and Removing Rogue Wi-Fi Access Points

Tracie Thompson of HackHunter Says Access Points Can Be Tiny, Difficult to Locate
Tracie Thompson, CEO, HackHunter

A company's Wi-Fi network is an ever-present target for attackers, and the range of risks, particularly in an era of pervasive IoT, continues to grow.

See Also: Now OnDemand | C-Suite Round-up: Connecting the Dots Between OT and Identity

IT security pros work to ensue unauthorized devices, including video cameras, small hacking tools and BYOD items, don't join the network.

Also a threat are so-called "evil twin" attacks, where an attacker creates an access point that masquerades as a real one in order to get victims to connect.

Regularly auditing corporate Wi-Fi is a best practice, says Tracie Thompson, CEO and co-founder of the Australian startup HackHunter. PCI-DSS requires regular Wi-Fi audits as well as the removal of unauthorized access points, she points out.

High-range routers can alert and log the presence of an unknown device, but that doesn't mean that those devices are going to be easy to find, she says. Rogue devices could be a small as a thumbnail and stuck in a ceiling or under a floor.

"The routers will tell you that something's there, but you can't actually find it using a router obviously because they're static," Thompson says.

In this video interview, Thompson discusses:

  • What threats enterprises face from rogue access points;
  • Why rogue access points are hard to find;
  • How physical audits could miss unauthorized access points.

Tracie Thompson is the CEO of the Australian startup HackHunter, which sells cybersecurity tools. She is also co-founder of Thompson Security, an information security consultancy.

About the Author

Jeremy Kirk

Jeremy Kirk

Executive Editor, Security and Technology, ISMG

Kirk is a veteran journalist who has reported from more than a dozen countries. Based in Sydney, he is Executive Editor for Security and Technology for Information Security Media Group. He's the creator of "The Ransomware Files" podcast, which tells the harrowing stories of IT pros who have fought back against ransomware, the greatest crime wave the internet has ever seen.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.