Wework_WiFi

Weak WeWork Wi-Fi Network Security Leaves Tenants’ Records Exposed

Reading Time: 4 minutes

With the rise of the mobile and remote workforce, more and more organizations are changing from the outdated cubicle office architecture to the modern coworking space option. Coworking spaces such as WeWork and Green Space offer many different advantages for organizations, from lower office costs, flexibility in working, networking opportunities, happy hours and more. However, along with the advantages there are always some security risks.

Working out of a coworking space might save your organization money and overhead, but it’s important to consider the security implications it presents to your organization’s resources. In the case of the lead coworking space WeWork, massive security risks have grabbed the headlines over the past month.

WeWork’s Lax Wi-Fi Security

Security issues with WeWork’s Wi-Fi network were first introduced in August 2019 in a Fast Company report, which noted that the company “used the same weak passwords and outdated Wi-Fi system throughout all its branches”. WeWork’s lack of password security has gotten to the point that it has regularly been featured on the list of the worst passwords that anyone can possibly use. The report described that WeWork’s Wi-Fi weak security is “laughably weak” and “downright dangerous.”

The “laughably weak” Wi-Fi at WeWork now has resulted in exposing the sensitive documents and data of it’s New York’s Financial District members.

CNET reported that a WeWork tenant named Teemu Airamo who joined the New York shared workspace in 2015 scanned the facility’s Wi-Fi security upon arrival to ensure his organization would not be vulnerable to an attack. Airamo noticed that other companies located at the WeWork were visible on the network and were spilling out an “astronomical amount” of data.

Airamo disclosed the issue to the WeWork management, and despite the Wi-Fi security risk, WeWork never patched the vulnerability. Four years later, this Wi-Fi security risk is still intact. Airamo over the years has continued to run regular scans of the network and found that over 700 devices are leaking information from the WeWork network. The different kinds of sensitive data exposed included emails, financial records, and client databases as well as scans of people’s IDs, their bank account credentials and, quite randomly, a virtual birthday card with a cat photo of Nicolas Cage.

Public Wi-Fi Security Risks 

With 90 percent of Americans using their personal devices for work, employees are constantly at risk of accidentally opening access to company data. To fight off potential hacks on the network or the risk of exposing critical data, everyone needs a better understanding of the different security risks that correlate with using public Wi-Fi networks.

Insufficient Encryption

Many Wi-Fi hotspots have absolutely no form of encryption, or they utilize a weak WEP protocol that can result in a potential security breach.

Poor Password Protection

Wi-Fi hotspots often have widely shared passwords, or even worse, absolutely no password protection. This provides incredibly easy access to hackers to access the network and compromise your data.

Lack of Awareness

Most people are not aware of the different kinds of risks when using public Wi-Fi and assume the network must be secure. In fact, only one in three people can actually tell the difference between secured and unsecured Wi-Fi networks.

Steps to Secure Wi-Fi Network

One of the most popular network misconceptions is that free public Wi-Fi is completely secure. If you’re using public Wi-Fi without the proper protection, you’re potentially putting your organization’s sensitive data at risk. Here are a few measures you can take right now to start protecting your data on public Wi-Fi.

Browse Only over HTTPS Encrypted Sites

When you browse on a website you want to check for a green lock symbol at the start of the URL. This indicates that your traffic is being encrypted through SSL encryption technology and that the data transferred between your browser and the website is secured. However, this method is still vulnerable to SSL stripping.

Enable Two-Factor Authentication

Two-factor authentication (2FA) is a great way to prevent your accounts from being hacked. It ensures that, in addition to your username and password, a second layer of verification such as an SMS code is required. However, in the case of public Wi-Fi, this method only protects your account during the login process, so it isn’t enough to keep you safe online.

Disable Auto Join to Wi-Fi Networks

Many Wi-Fi hotspots are unsecured. However, your phone automatically remembers previous networks you’ve connected to and will reconnect to them even if you don’t interact with your phone. Since it’s important to make sure that the network you’re connecting to is authorized, reliable and trustworthy, you should disable auto-join on your device.

Authorized Access is Key

Many organizations are still relying on outdated hardware-based VPN technology for their secure network access, however, it’s not enough to fight off the new network attacks.

Secure network access must be defended and protected by adopting security strategies, like the popular Zero Trust security model, which enforces multiple layers of verification before granting resource access.

Furthermore, this breach highlights the need to embrace cloud-compatible cybersecurity solutions. According to the Cloud Security Alliance (CSA), Software-Defined Perimeters provide “the ability to deploy perimeters that retain the traditional model’s value of invisibility and inaccessibility to “outsiders,” but can be deployed anywhere – on the internet, in the cloud, at a hosting center, on the private corporate network, or across some or all of these locations.

To prevent similar risks such as WeWork’s Wi-Fi security risks, organizations should use Software-Defined Perimeter technology and the Zero Trust model to ensure secure access by authorized devices, users and locations. They should also seek services such as Perimeter 81 which include advanced or even automatic Wi-Fi security features, ensuring employee communications are encrypted across all Internet connections. With Perimeter 81, organizations can ensure that only authorized connections are being established while leaving their cloud environments completely hidden from attacks.

To learn more about Perimeter 81’s Zero Trust Network as a Service be sure to request a complimentary demo.

Read More
5 Network Security Mistakes

5 Network Security Mistakes Your Employees are Still Making

Reading Time: 4 minutes

Network security breaches are frequently grabbing the headlines, often with the same angle of how big was the hack, who was affected and what information was taken. The majority of the time, the source of the hacks tend to be influenced by which actor or which technical error occurred. While these data breach stories grab readers attention, we need to rethink how these kinds of hacks really occur.

5 Network Security Mistakes Your Employees are Still Making

Today, companies are increasing their cybersecurity budget by implementing different security solutions to fight off hackers. This is good news as we are not just depending upon best practices. However, there is one security patch that can never be fully fixed the errors committed by the company’s employees.

Every organization is aware of the risk of human error. Employees occasionally commit mistakes, which can hurt the network of their company. However, not all organizations realize how dangerous human errors can be when it comes to the network security of the organization. 

So how do you help lead your employees past some of the common and painful network security mistakes?

Here are the 5 most common network security mistakes by your employees and how to fix them.

1. Using Weak Passwords

One of the most common network security threats is the usage of weak passwords. When passwords are not set using the correct procedures, they can be easily hacked by external actors which will allow them to infiltrate the company‘s network.

Passwords are considered one of the most common forms of security, and they can be highly effective when used properly to protect the privacy of data stored on servers across the network. The use of weak passwords can easily be resolved by educating employees about strong passwords and the part they play in keeping hackers away. For critical and sensitive business data, implementing a stronger password-protection system like periodic expiration of the password and multi-factor authentication can provide an additional layer of security against hackers.

2. Using a Traditional VPN

More and more companies have adopted remote workers and the migration of their critical applications to the cloud. Traditional VPN services are too tolerant, allowing staff to access their company’s network for their day-to-day work. As a result, these resources assume unwarranted visibility and become more receptive to compromise.

Instead of providing your employees with a traditional VPN, you should adopt an organization-wide Software-Defined Perimeter solution. Implementing a Software-Defined Perimeter will allow you to restrict network access and provide customized, manageable and secure access to networked systems. 

Traditional security models are designed to protect the perimeter to fight off threats that try to exploit your company’s network. By implementing the Zero Trust need-to-know model, each employee will gain a customized secure connection to their organization’s resources requiring access.

3. Using Unknown Devices

Employees tend to make the mistake of sharing external USB devices or using unauthorized devices which can be plugged-in any machine on the network. In addition, some employees make the potentially harmful mistake of plugging in unknown USB drives into their laptops that they find around the office.

These devices may contain a virus that could spread from one infected computer to another. Employees should refrain from using these kinds of devices that were not authorized by the administrators of their network. Organizations should set up company policies that prohibit employees from using their own devices which might have been controlled remotely by a hacker.

4. Using Free WiFi Hotspots for Work

Public Wi-Fi hotspots are convenient when abroad on vacation, at a cafe, and at the airport. Remote workers and employees who frequently travel for business often take advantage of public Wi-Fi to work on the go. However, connecting to public Wi-Fi for accessing your company’s network can prove risky to your employees as these networks are easy to hack. Hackers can easily gain access to the company’s confidential and sensitive data.

Hackers can also use public Wi-Fi hotspots to install malware on the mobile devices of those employees who have enabled file-sharing on their system. To fight off the hackers, organizations should advise employees to avoid using public Wi-Fi networks to connect to corporate resources without a secure network as a service solution.

5. Unauthorized Application Installation

Another common security threat by your employees is the installation of unauthorized applications on the company’s network. This can be a critical threat to a company because it just takes a few small installation steps for a small program to take control of the whole network.

This can easily be fixed by revoking administrative access for most employees. Another way to fix this type of threat is by training employees the importance of third-party credibility and authenticity. This can be enough to make employees aware of the threats posed by the installation of unauthorized applications.

Moving Forward 

The human factor is one of the main issues in ensuring the security of corporate systems. More and more often attackers choose to slip into the corporate network by attacking the employees, rather than hacking into the infrastructure directly from outside the perimeter.

To prevent attackers from getting inside your company’s infrastructure, your organization’s employees should be properly educated about security and the risks involved. By properly educating your employees with network security best practices, they will provide an additional layer of defense against hackers attempting to gain access to your network.

We hope you found this post helpful! Feel free to share any network security mistakes that you have witnessed in the comments section below. If you’d like to learn more about the many advantages a Zero Trust Network as a Service, check out our blog 5 Non-Disruptive Tips to Get Started with Zero Trust Network Security.

Read More

5 Easy Ways to Keep Your Employees Safe Online

Reading Time: 4 minutes

90% of Americans are using their personal devices for work, risking their workplace by accidentally opening access to their company data. Keeping your company and employees safe from cyber-attacks can be done by just following these 5 simple rules.
Continue reading

Read More
Public Wifi threats

Public Wi-Fi Risks and How You Can Easily Protect Your Clients from Them

Reading Time: 3 minutes

The number of public Wi-Fi networks is expected to grow to 432 million by 2020. As public Wi-Fi becomes more available, attacks on them will only increase. So what are the risks associated with using public Wi-Fi and how to avoid them?

Utilizing a VPN (Virtual Private Network) is one of the safest ways to keep data protected. In this webinar, we discuss how a cloud-based VPN can support the convenience of public Wi-Fi while adding extra security for business people to keep their data traffic encrypted and their company’s assets safe.

The Risks of Public Wi-Fi

As public Wi-Fi has become more and more available, attacks on public networks have only increased. Cisco’s Visual Network report revealed that the number of public Wi-Fi hotspots is expected to grow to 7 times the 2015 figure, from 64 million to 432 million by 2020.

Some risks associated with using public Wi-Fi include:

  • Insufficient Encryption
    Many Wi-Fi hotspots have absolutely no form of encryption, or they utilize the much weaker WEP protocol that is susceptible to cybersecurity breaches.
  • Poor Password Protection
    Many Wi-Fi hotspots have widely shared passwords, or even worse, absolutely no password protection. This provides incredibly easy access to cybercriminals who’d like to access the network and compromise your data.
  • Lack of Awareness
    Unfortunately, many people are not aware of the risks of public Wi-Fi and assume that since they had to log in, the network must be secure. In fact, only one in three people can actually tell the difference between secured and unsecured Wi-Fi networks.

The Most Common Public Wi-Fi Threats That You Should Be Aware Of

One in five people and three in ten senior business managers have been hit by cybercrime while on the go.

Here are a few examples of how these attacks happen:

  • Man-In-The-Middle Attack
    Using this method, hackers are able to intercept data transmission between two endpoints. Once they are in control of the connection, attackers have the ability to read and even alter data that is transferred back and forth.
  • Packet Sniffing
    Using readily available tools, hackers can capture packets of data passing through the network, allowing them to steal administrative passwords, sensitive login credentials and much more.
  • Evil Twin Attack
    With a seemingly legitimate network, hackers can trick employees into connecting to a rogue Wi-Fi hotspot. Once this happens, they have full access to all the information that a person transfers online.
  • Wi-Fi Pineapple
    For less than a hundred dollars a bad actor can use a small portable device called a Wi-Fi pineapple to generate spoof sites that allow them to eavesdrop on your private data.

How to Protect Yourself on Public Wi-Fi

With the rise of people working remotely and connecting to Wi-Fi hotspots with their mobile devices, businesses are struggling to protect their confidential information.

Here are a few measures you can take right now to start protecting your data: 

Browse Only over HTTPS Encrypted Sites

When you browse on a website you want to check for a green lock symbol at the start of the URL. This indicates that your traffic is being encrypted through SSL encryption technology and that the data transferred between your browser and the website is secured. However, this method is still vulnerable to SSL stripping.

Enable Two-Factor Authentication

Two-factor authentication (2FA) is a great way to prevent your accounts from being hacked. It ensures that, in addition to your username and password, a second layer of verification such as an SMS code is required. However, in the case of public Wi-Fi, this method only protects your account during the login process, so it isn’t enough to keep you safe online. 

Disable Auto Join to Wi-Fi Networks

Many Wi-Fi hotspots are unsecured. However, your phone automatically remembers previous networks you’ve connected to and will reconnect to them even if you don’t interact with your phone. Since it’s important to make sure that the network you’re connecting to is authorized, reliable and trustworthy, you should disable auto join on your device. 

With Perimeter 81

With Perimeter 81, you can set up a private secure connection to another network which enables you to browse through an encrypted tunnel

Perimeter 81’s secure network access solution offers an easy-to-use security tool with many technical advantages, including

  • It’s cost effective because you don’t have the expensive external hardware
  • It’s easy to set up and manage because it’s software-based and offers immediate updates and upgrades
  • It is highly scalable and offers seamless cloud integration
  • It provides multi-tenant support and clear MSP management

With a secure network access solution, you can rest assured knowing that your entire network is protected. We’ve received special approval from Apple for our breakthrough feature automatic Wi-Fi security. When activated, the minute a user connects to an unsecured Wi-Fi network, we automatically activate an encrypted VPN channel to ensure that all their data is protected.

We also utilize 256-bit AES bank-level encryption, secure tunneling protocols including OpenVPN, L2TP over IPSec, and Perfect Forward Secrecy (PFS) which rotates encryption keys every 60 minutes.

If you’d like to learn more about using a VPN for Wi-Fi Security, please don’t hesitate to request a demo at www.perimeter81.com/demo or contact our sales team at [email protected].

Read More

Why Every Professional Must Use a VPN

Reading Time: 3 minutes

Business professionals cannot afford to connect to the Internet unprotected. It is crucial to safeguard your company’s private data, especially when traveling for work or using your own device. Continue reading

Read More