Did they pass? You’ll have to read on to find out…
Ruckus, which is now a part of Commscope via acuquisition in 2018, came into the business-class Wi-Fi market in 2002 with a disruptive antenna design. At the time, the antenna technology was quite novel and utilized multiple electrically-steerable antenna arrays to focus signal to desired targets such as laptops or mobile phones, and reject noisy sources like other Wi-Fi networks and Radio Frequency (RF) interference. Their technology has helped businesses all over the world offer rock-solid Wi-Fi service, but does it keep hackers out?
What do hackers want with Wi-Fi and who are these people anyway? First, the desired loot of a Wi-Fi hack is the same as any other cyber attack like ransomware or botnets – information leading to money. Unsuspecting Wi-Fi victimes can have the majority of there session silently intercepted by attackers looking for obvious information of value like usernames/passwords, credit card numbers, and less-obvious information like hotel room number and last name from a captive portal and web app session cookies. As to the identity of these attackers…it ranges vastly from curious YouTube watchers in the hotel lobby to nation-state attackers looking to extract high-ranking corporate employee login credentials.
A major portion of today’s population uses Wi-Fi, and a subset of those users likely encounter Ruckus access points (APs). Therefore, Wi-Fi professionals at Miercom recently decided to challenge several AP vendors including Ruckus’ R510, and test if these devices can automatically detect and prevent the six known Wi-Fi threats, which if successfully prevented can keep Wi-Fi users safe from many nefarious hacking activities. The test report shows that the R510 was able to automatically detect two of the six threats (Evil Twin AP and Ad-Hoc) – and failed to automatically detectthe other four. The R510 also failed to automatically prevent all six threats.
To prevent a Wi-Fi threat means that the Ruckus AP would send some combination of wireless frames and wired frames out to render the threat useless while the threat is within range. Results are seen in the table below and full test details can be downloaded here. Note the first two columns show the Ruckus R510 operating alone and the green columns show it when a WatchGuard AP125 is added to the network to protect the R510 from Wi-Fi hacks. Remember, the term Wireless Intrustion Prevention System (WIPS) is heavily abused in the industy because there is no vendor-neutral standard that defines exactly what features and capabilities an AP must have to claim it has WIPS. That means that WIPS from Ruckus and WIPS from WatchGuard are totally different, even though the same four letters are claimed by both vendors.
This is one of the main reasons why the Trusted Wireless Environment framework was created to bring transparency to the industry and raise awareness on the seriously overlooked problem of Wi-Fi hacking.
Using the law of ‘Googling it,’ you’ll see approximately the following number of results for these search terms:
- Ransomware ~ 21 million
- Wifi hacking ~ 159 million
- Pineapple ~ 290 million
- Bananas ~ 753 million (sorry pineapples, you’re not as popular)
In terms of how important the topic of Wi-Fi hacking is to the Internet, it sits higher than ransomware (but lower than fruit). Mainstream media has had a disproportionately high focus on covering ransomware stories verus Wi-Fi hacks over the past several years. This could likely be driven by the fact that the six Wi-Fi hacks are technically over twenty years old. Hard to call it breaking news when Wi-Fi has been hackable for a few decades. It’s also a possible reason why most AP vendors appear not to be making security a priority in their development roadmaps.
Protect Ruckus APs From Hacking with WatchGuard
Fortunately for the market, WatchGuard has been gearing its cloud-managed AP roadmap with unique security feature sets. To determine how existing Ruckus Wi-Fi networks can become Trusted Wireless Environment compliant, Miercom configured a WatchGuard AP125 AP as a security sensor dedicated to protecting the R510 from the six known Wi-Fi threats. The results show that Ruckus was 100% protected once a WatchGuard AP125 APs was added. From a deployment perspective, network and security administrators will find a simple solution where the Ruckus APs continue to connect Wi-Fi users as usual and the WatchGuard APs act as a sort of Wireless Intrusion Prevention System (WIPS) sentry, constantly monitoring the air space and wired network for the presence of any of the six threats.
If you have an Ruckus Wi-Fi network and are wondering how many WatchGuard APs you need to add to your existing Ruckus network to protect it, any WatchGuard reseller near you has access to a professional service from WatchGuard that will provide you with a predictive simulation survey that determines the recommended number of WatchGuard APs, installation locations, and WIPS/Wi-Fi coverage range.
Testing Your Own Wi-Fi Network for Wi-Fi Hacking Vulnerability
Those interested in testing their own Ruckus Wi-Fi networks for Trusted Wireless Environment compliance can follow the Trusted Wireless Environment test guide, and contact Miercom via their website for a more thorough test involving live client workloads.
Leave a Reply