The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted and mature information security standard designed to secure credit/debit card transactions and protect cardholders against misuse of their personal information. But, more could be done to help protect against Wi-Fi Layer 2 attacks such as flooding an access point (AP) with de-authentication frames, cracking WPA2/WPA3, and connecting a Rogue AP onto the network that allows attackers to siphon cardholder data over Wi-Fi.
To help educate readers on these major security challenges, WatchGuard recently worked with Wayne Murphy, a passionate Senior Security Consultant at Sec-1 Ltd, on a blog post that addresses today’s growing Wi-Fi security vulnerabilities and threats. What Wi-Fi threats should you be worried about? Wayne outlines each of the six known threat categories, as defined by the Trusted Wireless Environment framework, in this new PCI Ramblings blog post. Here’s a sample of the first two:
“Rogue Access Point: Rogue access points are physically connected to an organisation’s IT infrastructure without their knowledge. These APs will then provide the threat actor with connectivity into the organisations networks and IT systems. From here, the threat actor will attempt to compromise the system components being used by the organisation. Think of a Rogue AP like a long invisible ethernet cable that attackers can use to connect to a company’s Local Area Network (LAN) and comfortably work their way into the rest of the network over a Wi-Fi connection.
Rogue Client: A rogue client is a client that is authorized on the wireless network but has been compromised by malware. This can occur if the client has been involved in an “Evil Twin” attack, which has resulted in malware being installed. This risk is that the malware that the client has been infected with could spread through the organisation’s environment.”
Read the entire post to learn more about these Wi-Fi threats, along with neighbor APs, ad-hoc networks, evil twins, and misconfigured APs. To join the Trusted Wireless Environment Movement, click here. For more information on WatchGuard Secure Wi-Fi solutions, click here.