Insecure networks remain a serious mobile device threat. Attackers can intercept traffic through man-in-the- middle (MitM) attacks, or lure employees into using rogue Wi-Fi hotspots or access points.
According to MobileIron, 7% of protected devices detected a MitM attack in the past year.33
Although the risks of public Wi-Fi are becoming well known, convenience trumps policy—even common sense— for many users. Some organizations are trying to prevent this by implementing Wi-Fi-specific policies, but inevitably, rules will be broken.
One of the most dangerous network threats is the interception of traffic, or MitM. This is often done through rogue access points, which take advantage of familiar and trusted public Wi-Fi names (SSIDs). Users may see the name of a legitimate company or brand and connect to it without a second thought.
While some rogue hotspot names are obviously misspelled (e.g., Starbuckz), many look perfectly legitimate. And users might have the access point already stored in their device, causing it to connect automatically.
That might sound like something out of a spy movie, but it’s more prevalent than SQL injection (SQLi)-type attacks, and almost as common as phishing—but it gets far less press; maybe it needs a better agent?
Seventy-two percent of organizations said they’re concerned about MitM attacks. Of those, 23% don’t feel prepared.
The dangers of Wi-Fi
Rogue or insecure hotspots
Not all access points can be trusted—even those carrying the name of a trusted business or brand. The risk of insecure hotspots may be greater than companies realize. Twenty percent of organizations that suffered a mobile compromise said that a rogue/insecure Wi-Fi hotspot was involved.
According to Wandera, employees connect to an average of 24 Wi-Fi hotspots per week. It also found that 7% of devices encounter a hotspot that presents a low-to- medium severity risk, and 2% encounter one rated as a high risk—one known to be affected by MitM, or a protocol attack like SSL Strip.36
Overall, the average mobile device connects to two to three insecure Wi- Fi hotspots per day. The most common settings are retail, hospitality and transportation hubs, including airports.37
NetMotion data shows that the average mobile device connects to two to three insecure Wi-Fi hotspots per day. The most common settings are retail, hospitality and transportation hubs, like airports.35
Despite the clear security advantages of cellular technology, Wandera found that mobile workers transfer 2.5 times as much data via Wi-Fi.39
Rules will be broken.
Despite the risks, less than half (42%) of organizations said that they prohibit employees from using public Wi-Fi to perform work-related tasks. But even if they’re banned from using it, many employees will break the rules for the sake of convenience. Fifty-five percent of those who know that public Wi-Fi is prohibited use it anyway. And ironically, that includes many who are responsible for managing the security of mobile devices.
This shows the importance of having protection that’s built in. By using a system that blocks access to insecure or untrusted networks automatically, you don’t have to rely on users always making the right decision.
Don’t allow your phone, computer, tablet or other devices to auto-connect to a free wireless network while you are away from home. This is an open invitation for bad actors to access your device. They then can load malware, steal your passwords and PINs, or even take remote control of your contacts and camera.
33 Based on aggregated usage data, MobileIron, January 2019 to September 2019
34 X-Force Threat Intelligence Index, IBM, 2018, https://www.ibm.com/downloads/cas/MKJOL3DG
35 Based on analysis of anonymized and aggregated data from customers and other third parties within North America, NetMotion, September 2018 to August 2019
36 Analysis of man-in-the-middle attacks and risky hotspots encountered by protected mobile devices, WanderaThreat Research, November 2018 to October 2019
37 Based on analysis of anonymized and aggregated data from customers and other third parties within North America, NetMotion, September 2018 to August 2019
38 Data gathered by Symantec from its base of users over a 90-day timeframe during 2019
39 Analysis of mobile data consumption by companymanaged devices running the Wandera app, across domestic cellular, roaming cellular and Wi-Fi networks, Wandera Mobile Data Research, November 2018 to October 2019
40 Tech Tuesday—Holiday Travels, FBI, December 2019, https://www.fbi.gov/contact-us/field-offices/portland/news/press-releases/tech-tuesdayholidaytravels
Services and/or features are not available in all countries/locations, and may be procured from in-country providers in select countries. We continue to expand our service availability around the world. Please consult your Verizon representative for service availability. Contact us.