22 Nov, 01:26AM in sunny Singapore!

Wi-fi security flaws expose millions here to cyber attacks

Subscribe to Wi-fi security flaws expose millions here to cyber attacks 2 posts

Please Login or Signup to reply.
  • Queen of sgForums
    驚世駭俗醜不啦嘰 moderatress
    FireIce's Avatar
    264,490 posts since Dec '99
    • Millions of public, home and office wi-fi networks in Singapore are vulnerable to attacks by hackers targeting valuable data, after multiple security flaws were exposed by researchers, the Singapore Computer Emergency Response Team (SingCERT) warned on Tuesday (Oct 17).

      This means almost everyone who connects to the Internet via any device with wi-fi connectivity, such as laptops, mobile phones or even gaming consoles and smart home devices, is at risk.

      SingCERT, which is under the Cyber Security Agency, issued an alert saying: “These vulnerabilities may affect the data confidentiality of users’ Wi-Fi connectivity in homes and offices.”

      The flaws affect wi-fi networks worldwide that use the Wi-fi Protected Access (WPA) 2 protocol, the most common authentication and protection solution for wi-fi networks currently. It may also affect devices on the WPA standard, said SingCERT.

      “After a successful man-in-the-middle attack conducted on the affected devices, the attacker can exploit the vulnerabilities to monitor, inject and/or manipulate users’ network traffic,” said SingCERT.

      Experts say this potentially means hackers could attack home and office networks to try to access valuable data, or launch other kinds of mischievous attacks.

      Mr Bill Taylor-Mountford of security intelligence firm LogRhythm, said: “This means that any data being sent out, including sensitive information such as login credentials or personally identifiable information, can be decrypted by the attacker. The attacker may also use the same exploit to divert users to malicious sites or install malware.”

      Companies might be less at risk if they have sufficient security measures in place.

      Mr Anthony Lim, a consultant at ISC2, a global cybersecurity professional certification body, said: “If the company networks are properly managed, and have user privileges and access controls, and other security layers, then they are less at risk.”

      He added: “Home owners are more at risk because they have less internal security, and these hackers could attack not just their personal computers, but also smart home devices.”

      But all is not lost.

      Mr Lim pointed out that in practice, it would be more challenging to launch such an attack as hackers would need to be within proximity of the wi-fi networks in order to do so. But this potentially makes public wi-fi networks a problem, said experts.

      Device manufacturers such as Microsoft are already starting to roll out patches, which consumers are advised to download. Google and Apple have said they will be releasing one soon, while there is no fix yet from the router manufacturers.

      Telcos here are encouraging their customers to track updates from their device manufacturers and diligently apply patches.

      “We are working with our device partners to better understand when patches will be made available, and we strongly encourage our customers to ensure that their wireless devices are running on the latest software,” said a Starhub spokesman.

      Users who do not yet have access to patches can take steps to avoid being compromised, by connecting to fixed broadband or mobile networks only, said industry experts. They can also secure their networks by using a secondary encryption solution such as a Virtual Private Network (VPN).

      Mr Taylor-Mountford advised companies to ensure their networks are secured by additional layers of network security, such as VPN or end-to-end data encryption software, while waiting for patches.

      “More essential, however, is ensuring that the network is monitored in real-time to detect any unusual behaviour or threats. This gives us more time to react and respond to cyber attacks, which are often first observed within the network itself."

       

      todayonline

  • SuperNord's Avatar
    1 post since Nov '17
    • Hello!

      I appreciate that information! Thank you, but I want to add a few ransomware prevention tips:

      • Toggle your email provider’s anti-spam settings to filter out all the potentially harmful incoming messages. Raising the bar beyond the default protection is an important countermeasure for ransom Trojans.
      • Define specific file extension restrictions in your email system. Make sure that attachments with the following extensions are blacklisted: .js, .vbs, .docm, .hta, .exe, .cmd, .scr, and .bat. Also, treat ZIP archives in received messages with extreme caution.
      • Rename the vssadmin.exe process so that ransomware is unable to obliterate all Shadow Volume Copies of your files in one shot.
      • Keep your Firewall active at all times. It can prevent crypto ransomware from communicating with its C&C server. This way, the threat won’t be able to obtain cryptographic keys and lock your files.
      • Back up your files regularly, at least the most important ones. This recommendation is self-explanatory. A ransomware attack isn’t an issue as long as you keep unaffected copies of your data in a safe place.
      • Use an effective antimalware suite. There are security tools that identify ransomware-specific behavior and block the infection before it can do any harm (http://soft2secure.com/knowledgebase/bad-rabbit-ransomware)
Please Login or Signup to reply.