Posts Tagged MITM

What Is An Evil Twin Attack

With the advancement of technology, there has been a rise in the use of wireless connectivity solutions. It has found applications in restaurants, coffee shops, offices and shopping malls. However, wireless connectivity in the form of Wi-Fi is inherently less secure. It is largely unprotected from threats that can result in theft of credentials and sensitive information. The unprotected access points expose your connection and personal data to cyber-attacks such as ‘Evil Twin Attack’.

Understanding An Evil Twin

An evil twin is a rogue wireless access point that appears as a genuine hotspot offered by a legitimate provider. It typically clones the MAC address, name and service set identifier (SSID) of the network. This makes it hard for the users to differentiate between original and fake access point.

An attacker can conveniently create an “evil twin” within the smart phone or other internet-capable device using some easily available software. He discovers the radio frequency of a legitimate access point and uses the same to send out his own radio signals with the same name as original access point. This enables the attacker to eavesdrop on the network traffic, capture traffic or plant malware on the system.

Implications To Cybersecurity

Once the fake access point is set up, it poses as a local hotspot. The attacker positions himself near the end-user so that his signal is strongest within the range. The strong signals tempt users to connect manually to the evil twin for internet access. Also, it can be a case where the end-user’s computer automatically chooses that connection. This allows the hacker to intercept user’s sensitive data that is being shared between user and the host. Thus, he can obtain sensitive information or login credentials resulting in identity theft or financial loss of the end-user. Attackers are also using social engineering to clone a login page through which credentials can be stolen.

Ways To Prevent Evil Twin Attack

To avoid evil twin network connections, following tips should be considered by end-users:

  • Refrain from using public hot spots for online shopping or banking.
  • Users should disable auto connect feature on all wireless devices.
  • Connect via a virtual private network (VPN) to compress all traffic while using a public access point.
  • Before connecting, ask the owner of the area for official name of the hotspot and security key, if any. Type the incorrect key intentionally; evil twin hotspots will grant access irrespective of the key.

Companies should also incorporate measures to protect corporate data from evil twin attack:

  • Instruct employees to use Wi-Fi Intrusion Prevention Systems (WIPS) to prevent their systems from connecting to unauthorized duplicate access points.
  • Protect company’s wireless connections with Personal Security Key (PSK) and provide its details to employees and customers.

For more information on IT security solutions for your business, call Centex Technologies at (254) 213 – 4740.

, , , , ,

No Comments