What are the most prevalent threats for wireless-enabled laptops?At the ShmooCon hacker conference in January 2006, the Simple Nomad reminded us all of what many knew but few seemed to be thinking about: wireless clients are at risk not only while connected to an open network but also at risk any time the radio is turned on.Enterprise wireless networks can mitigate many of the risks to clients, but unfortunately all of this protection goes away the moment a user on the road connects to a hotspot in the airport, or even when the user has a hotspot in his or her network favorites list.There are many ways a client can be compromised, ranging from user error or ignorance to flaws in the operating system. When a user has an unsecured network in the favorites list, he or she becomes vulnerable to a much subtler attack than the well-known “evil twin” spoofed access point. When no network is available, the system will look for each network it has previously connected to. If the attacker provides a network with that name, the user’s system will automatically connect to it.Connecting to the false network exposes any network services that have not been patched, and it may initiate automatic tasks such as checking for new e-mail or system updates. All the attacker needs is a network service that looks long enough for a client to try to connect and send the login and password information. Users on any unsecured access point face the additional hidden risk of data injection. By spoofing connections and injecting malicious data, compromising a client can be as simple as replacing an image in a HTTP request with the browser exploit du jour.Compromised users are a threat to the secured network when they return. Many exploits “phone home” for updates and new code, copy or hide files, or provide hidden channels to control the compromised system. Even malware that doesn’t target files can cause network outages or legal liabilities if triggered as part of a denial-of-service botnet.User education and/or blocking users’ access to insecure networks from company laptops with clients that enforce wireless security policies are currently the only ways to prevent this from happening to your network. Make sure your users not only know what not to do, but why it’s important. They need to turn off wireless entirely when they’re not using it-this will even save them battery life.Mike Kershaw is author of Kismet, a popular open-source project for 802.11 wireless network detection, sniffing, and intrusion detection as well as an editorial board member of the WVE. Related content news analysis Cisco uncorks AI-based security assistant to streamline enterprise protection With Cisco AI Assistant for Security, enterprises can use natural language to discover policies and get rule recommendations, identify misconfigured policies, and simplify complex workflows. By Michael Cooney Dec 06, 2023 3 mins Firewalls Generative AI Network Security news Nvidia’s new chips for China to be compliant with US curbs: Jensen Huang Nvidia’s AI-focused H20 GPUs bypass US restrictions on China’s silicon access, including limits on-chip performance and density. By Anirban Ghoshal Dec 06, 2023 3 mins CPUs and Processors Technology Industry news EU approves $1.3B in aid for cloud, edge computing New projects focus on areas including open source software to help connect edge services, and application interoperability. By Sascha Brodsky Dec 05, 2023 3 mins Technology Industry Edge Computing Cloud Computing brandpost Sponsored by HPE Aruba Networking Bringing the data processing unit (DPU) revolution to your data center By Mark Berly, CTO Data Center Networking, HPE Aruba Networking Dec 04, 2023 4 mins Data Center Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe