Nearly all computing devices today, including laptops, mobile phones and even printers, have dual connectivity. On one hand a wired cable connected to the corporate network, and on the other, a wireless connection open to the world.
For example, Wi-Fi Direct, a peer to peer connection protocol that allows two devices to directly interact, is commonly found and by default enabled on printers. AWDL, Apple’s proprietary peer to peer protocol, continuously broadcasts its open connection.
These devices are coined as Wireless Receptors, that at any moment – either purposefully or unintentionally – can connect to unmonitored or unauthorized wireless networks.
Attackers leverage the Wireless Receptor wireless capability to take control of the device, bypassing firewalls and any connectivity logs. The now-compromised device is used as a bridge into the corporate network. From this moment, the attack becomes invisible to existing NAC solutions as the attacker operates from a legitimate device.
Today’s common mitigation practices include periodically and manually testing that the wireless capabilities are turned off, while more specific controls are not even provided – leading to security policy and regulatory violations.
Achieve network airspace control and protection. Prevent unauthorized access to the corporate network by using AirEye Dome:
Prevent any unauthorized wireless access to a dual-connected device
Receive visibility into devices that are broadcasting Wi-Fi Direct, Mobile Hotspot and AWDL, pinpointing all devices connected via those technologies
Receive visibility into devices that are using File Sharing, AirDrop, Feem and Media Streaming, pinpointing all their peer devices
Identify wireless networks with insecure configurations
Pinpoint WPS-enabled networks
Detect wireless hotspots operated by authorized and unauthorized users
Protect against FragAttacks
Prevent wireless-spreading malware attacks such as Emotet