By Hunter McCurry
The modern-day business world continues to move forward into the wireless era and the need for Wi-Fi networks is reaching an all-time high. As the necessity for wireless networks in restaurants and small business grows, so does the threat of attacks from cyber terrorists. In this week’s article, we will cover some of the more common threats and attacks used on restaurants and small business Wi-Fi networks.
Private VS Public Wi-Fi Networks.
When creating Wi-Fi networks for your business, you should ALWAYS have your network set to Private. A Public or poorly secured Wi-Fi network leaves the door wide open to malicious threats and cyber-attacks, which often leads to the compromise of sensitive company, employee, and customer data. As you begin to set up your private business network, you should strongly consider the use of firewalls, protective software, and strong password/passphrase management.
It is best practice to have two separate Wi-Fi networks. One Secured Private network for business use only, and the other as Public Wi-Fi for customer access. Separately managing the Public Wi-Fi network will greatly reduce the risk of compromises to your business network, but still leave the possibility of cyber-attacks on your Public Wi-Fi users.
Business Poorly/Un-Secured Wi-Fi Attack Threats.
A poorly secured Wi-Fi network will leave your business at an extremely high risk of data breaches and compromises. There is a multitude of sensitive data that an attacker can access and use to their advantage. Here are a few examples:
1. Access to Sensitive Business and Employee Data – Devices on your network have access to sensitive documents and data such as bank account information, account passwords, intellectual property, and personally identifiable information of employees. A cybercriminal could use this compromised data to commit fraud and identity theft as well as selling your private information and trade secrets on dark web forums for a hefty sum.
2. Access to Credit/Debit Card Information – A breached network could expose all your sales data and could potentially wreak havoc on servers, point of sales terminals, and any payment devices. Not only will this allow an attacker to gain full access to your payment data, but it also puts your customer’s at risk giving the attackers full eyes on sensitive information. This could be detrimental to not only the business, but your customers as well. Attackers take the stolen data to sell on the Dark Web and/ or clone bank cards to use fraudulently. This results in damage to all parties involved.
Malware and Ransomware are two common cyber threats on restaurants and retail businesses. A weak network can be breached and malicious software, or Malware, can easily be deployed to any device on the network. These malwares, often called computer viruses, worms, Trojan horses, spyware, and adware to name a few, can completely cripple a network or any devices on it. Whereas malware is deployed to cause damage, Ransomware is deployed to block or lock the system until a fee is paid. A business’s server, computer or any Point-of-Sale equipment is rendered completely useless, halting all operations and sales until the ransom is paid. In many cases, cyber-terrorists will not release the data being held hostage even after the ransom is paid, leaving you with a broken system and a big financial loss.
How To Secure Your Business Wi-Fi Network.
When creating a Private Wi-Fi Network, there are several variables you should take into consideration to ensure the highest levels of safety. By implementing security measures that meet the industry standard, your business can be kept safe from most forms of cyber-attacks. A few recommended security measures for your restaurant or retail network are:
1. Firewall and Protective Software – Installing a physical firewall to buffer your network is one of the strongest forms of cyber security you can implement. Having a managed firewall device between the internet and your network can prevent unauthorized access to your network, as well as block suspicious websites and emails. Protective software (antivirus, spyware, endpoint protection, etc.) can detect and prevent malicious attacks that can slip through the firewall via an email or compromised website.
2. Password Management – A strong password scheme is a basic yet important aspect of cyber security. It is recommended to have a password that contains both upper- and lower-case letters, number, and special symbols. Passphrases are also strongly recommended over simple passwords. Listed are a few examples:
3. Limit Private Network Access – By limiting the number and types of devices connected to your Private Business Wi-Fi, you can prevent access from foreign devices that can possibly be compromised. The business dedicated Wi-Fi network should be limited to devices that are part of business operations. If an employee’s personal device containing malicious software is connected to the business network the malicious software can be spread to other devices on the network, possibly compromising your entire system. Personal devices and foreign devices should be prioritized to a separately managed Wi-Fi network.
Public Guest Wi-Fi Attack Threats
Many restaurants and small businesses offer guest Wi-Fi networks for their employees and customers to use. The guest networks are well received by the customer and heavily used in some environments. What most customers do not realize is all their data, personal files, and credit/debit card information, are all at major risk of cyber-attack when on a public Wi-Fi network. Different methods a cybercriminal can use to breach your customers’ personal device and access private data can include
1. Packet Sniffers – Also known as a Packet Analyzer or Wi-Fi analyzer, come in various forms of both hardware and software. They can be used by attackers to intercept network traffic from any device connected to the guest Wi-Fi network. Once packet data is captured, it can be decoded into raw data that can show information in sensitive fields on the site used by the unsuspecting customer. Using this method, a cyber-terrorist can gain access to a customer’s social media, email and gain other personal account passwords used while on the guest Wi-Fi. They can also capture credit/debit card information if the guest is doing online shopping on the network.
2. File-sharing Deployment – Most laptops and cellphones have an option for file-sharing or device-sharing. While very useful at home or at work, having file sharing enabled on a public Wi-Fi network can be very dangerous. If a customer connects their device to a public Wi-Fi without first disabling file/device-sharing, their device will be visible to other sharing devices on the network. An attacker could use file/device-sharing to deploy malicious software from their device to the unsuspecting customer device, in turn compromising any personal data or files on that device.
3. Evil Twin / Mimic Attack – Customers can fall victim to a cyber-attack simply by connecting to a fraudulent guest Wi-Fi network. An Evil-Twin/Mimic attack can be set up by a cyber-terrorist using a hotspot or broadcasting device set up as a clone or mimic of a legitimate business guest Wi-Fi. Once a customer connects their device to this mimic network, their device is immediately vulnerable to any form of cyber-attack from the network broadcaster. Attackers will set up a network broadcasting at a higher bandwidth and name it very similarly to the legitimate guest Wi-Fi. For example:
Legitimate Wi-Fi Evil-Twin/Mimic Wi-Fi Restaurant Wi-Fi 2.5 Ghz FREE Restaurant Wi-Fi 5 Ghz
How To Avoid Public Guest Wi-Fi Attack Threats
By practicing safe web surfing standards and limiting what accounts and software you use while on public guest Wi-Fi you can avoid falling victim to cyber-attacks. We listed a few common actions to avoid while on Public Wi-Fi:
1. Avoid using sensitive data and accounts while on public Wi-Fi. Some examples of accounts to avoid using are social media, online banking, online shopping, bill pay, and email accounts.
2. Turn off or disable all file-sharing and device-sharing options on your device before connecting to a public Wi-Fi network.
3. Verify your connection to a legitimate guest Wi-Fi network. You can do this by looking for official postings in the restaurant or business or ask an employee for the correct Wi-Fi information.
4. Use a VPN. By using VPN software, you can encrypt and secure your internet connection on any Wi-Fi network with internet access. We recommend Private Internet Access VPN.
Contact Firestorm Cyber for help on getting industry-leading and the #1 protection for your computers, tablets, and your restaurant infrastructure.