During a wireless penetration test, expert white hat hackers step into the role of would-be attackers and attempt to breach your system. Unlike other types of penetration tests, they focus only on exploiting wireless services available to anyone in the physical vicinity of your network. This can include:
By putting the security of your wireless footprint to the test, penetration testers can evaluate your security and propose solutions to strengthen it. These can include addressing vulnerabilities, deploying new technology or architecture, and implementing new security policies or procedures.
Wireless networks, WiFi, Wireless Local Area Networks (WLAN), IEEE 802.11 signals, and other wireless access points can be easy ways for a cybercriminal to breach your system. There are no locks to pick, no people to deceive, and you can perform the whole operation from the parking lot. It can also sometimes give attackers direct access to an internal network without having to breach a firewall.
In fact, many cybercriminals are known for searching for targets through a tactic known as war driving. This strategy entails driving in search of a WiFi network from a moving vehicle, using laptops, smartphones, and mobile devices.
Because wireless networks are such big targets for cybercriminals, compliance with most security standards (including PCI DSS, SOC2 and HIPAA) requires wireless penetration testing. This comprehensive and thorough investigation of your wireless network’s risks helps organizations to understand what’s vulnerable, what’s at stake, and how to target resources for remediation.
Wireless penetration testers perform a variety of tests against the wireless local area network (WLAN) and wireless access points (WAP).
The goal of wireless penetration testing is four-fold:
In addition to vulnerabilities within the network itself, a wireless pentest could discover major security risks, any of which might represent a breach already in progress. The three major types of threats include rogue access points, pineapples and evil twin networks.
A rogue access point, or an unauthorized point of access on a secured wireless network, may not have been set up with criminal intent. It could exist by accident or have been created by an authorized employee or contractor. Regardless, any rogue access point is a significant security threat to the whole network.
Whereas other wireless access points are authorized, a rogue access point is an unauthorized (and, therefore, probably unguarded) access point. It could give criminals a backdoor into the WLAN to install malware, steal money and data, or alter systems on the network.
Rogue access points typically arise under one of three circumstances:
A pineapple is a pocket-sized device that mimics the wireless local area network while inserting itself between the user and the WLAN to intercept data.
An "evil twin" network is a wireless network set up to look like a secure, trusted network. In reality, it’s a cybercriminal’s network, compromising the user’s device, data, and any systems they access. These dangerous doorways into your system can be created for any WLAN and are often an indicator of an incident or breach in progress.
Our accredited penetration testers are highly-skilled specialists who have mastered the same skills used by cybercriminals in order to help others defend against them. The Truvantis team of only senior-level security engineers can use wireless penetration testing to help your company to achieve compliance, understand the real threats to your system, and most importantly, create a realistic, actionable plan to mitigate those risks within your budget. There’s more to real security than checking off boxes and it’s more attainable than you think.
We’ll begin your wireless penetration testing on a call with your team to discuss the details and the rules of engagement. Then, we’ll send you a test device to connect to your network, providing us with the same wireless access available to those on-site. Throughout our thorough, manual, and automated testing of your entire wireless network’s security system, your security team will be notified immediately if we find critical issues.
Our approach may vary based on the size and complexity of the system, but the simplified steps of a wireless penetration test typically include:
Upon completion, everything we’ve discovered will be compiled into an easy-to-understand report. The valuable information it contains can be used to prioritize vulnerabilities by risk-level and take immediate action to protect your organization.
Our wireless penetration testing provides you with the data and guidance to protect your data and strengthen your comprehensive security strategy. Whether wireless penetration testing is all you need, or just a small piece of the puzzle, we’ll help you to shape the solutions that fit your business, your budget, and your goals.
Our hands-on team of senior-level security engineers can create the solutions you need to improve your security. That may mean thinking outside of the compliance checkbox to find what really works for you — and that’s what we do best.