From the angle of knowledge safety, wi-fi networks are sometimes perceived as one thing that may be accessed solely regionally — to hook up with them, an attacker must be bodily near the entry level. This considerably limits their use in assaults on organizations, and so they’re perceived as comparatively risk-free. It’s straightforward to assume that some random hacker on the web might by no means merely hook up with a company Wi-Fi community. Nonetheless, the newly emerged Nearest Neighbor assault tactic demonstrates that this notion just isn’t completely correct.
Even a well-protected group’s wi-fi community can turn into a handy entry level for distant attackers in the event that they first compromise one other, extra weak firm situated in the identical constructing or a neighboring one. Let’s delve deeper into how this works and how one can shield your self towards such assaults.
A distant assault on a company’s wi-fi community
Let’s think about a gaggle of attackers planning to remotely hack into a company. They collect details about the given firm, examine its exterior perimeter, and maybe even discover worker credentials in databases of leaked passwords. However they discover no exploitable vulnerabilities. Furthermore, they uncover that the entire firm’s exterior companies are protected by two-factor authentication, so passwords alone aren’t enough for entry.
One potential penetration technique might be the company Wi-Fi community, which they might try and entry utilizing those self same worker credentials. This is applicable particularly if the group has a visitor Wi-Fi community that’s insufficiently remoted from the principle community — such networks hardly ever use two-factor authentication. Nonetheless, there’s an issue: the attackers are on the opposite facet of the globe and might’t bodily hook up with the workplace Wi-Fi.
That is the place the Nearest Neighbor tactic comes into play. If the attackers conduct extra reconnaissance, they’ll almost certainly uncover quite a few different organizations whose workplaces are throughout the Wi-Fi sign vary of the goal firm. And it’s doable that a few of these neighboring organizations are considerably extra weak than the attackers’ preliminary goal.
This may occasionally merely be as a result of these organizations imagine their actions are much less attention-grabbing to cyberattack operators — resulting in much less stringent safety measures. For instance, they won’t use two-factor authentication for his or her exterior assets. Or they could fail to replace their software program promptly — leaving simply exploitable vulnerabilities uncovered.
A method or one other, it’s simpler for the attackers to achieve entry to one in all these neighboring organizations’ networks. Subsequent, they should discover throughout the neighbor’s infrastructure a tool related to the wired community and outfitted with a wi-fi module, and compromise it. By scanning the Wi-Fi surroundings by such a tool, the attackers can find the SSID of the goal firm’s community.
Utilizing the compromised neighboring system as a bridge, the attackers can then hook up with the company Wi-Fi community of their precise goal. On this means, they get contained in the perimeter of the goal group. Having achieved this preliminary goal, the attackers can proceed with their essential targets — stealing info, encrypting information, monitoring worker exercise, and extra.
How one can shield your self towards the Nearest Neighbor assault
It’s value noting that this tactic has already been utilized by no less than one APT group, so this isn’t only a theoretical risk. Organizations that might be focused by such assaults ought to begin treating the safety of their wi-fi native space networks as severely because the safety of their internet-connected assets.
To guard towards the Nearest Neighbor assault, we suggest the next:
- Make sure that the visitor Wi-Fi community is actually remoted from the principle community.
- Strengthen the safety of company Wi-Fi entry — for example, through the use of two-factor authentication with one-time codes or certificates.
- Allow two-factor authentication — not just for exterior assets but additionally for inside ones, and, basically, undertake the Zero Belief safety mannequin.
- Use a complicated risk detection and prevention system, akin to Kaspersky Subsequent XDR Skilled.
- When you lack extremely certified in-house cybersecurity specialists, make use of exterior companies akin to Managed Detection and Response and Incident Response.
