Feb 11, 2016 | Cybersecurity Advice, Internet Security News, Network Security, Web Filtering
One of the main priorities for IT professionals in 2016 is securing Wi-Fi hotspots. The use of unsecured public Wi-Fi is notoriously risky. Cybercriminals spy on the activity taking place at WiFi hotspots, and it is at these Internet access points is where many man-in-the-middle attacks take place.
The Dangers of Unsecured WiFi
Preventing employees from using personally owned and work devices on unsecured Wi-Fi networks is a major challenge, but one that must be met in order to keep work networks free from malware.
When employees use smartphones, tablets, and laptops to connect to unsecured Wi-Fi networks, there is a high risk that those devices may be compromised. Hotspots are frequently used to deliver malware to unsuspecting website visitors, and malicious software can subsequently be transferred to work networks. With personally owned devices increasingly used for private and work purposes, the risk of a work network malware infection is particularly high.
The risks associated with unsecured Internet access points are well known, yet people still tend to still engage in risky behavior when accessing the Internet via these wireless networks. In a rush to take advantage of free Internet access, basic security best practices are all too often ignored. Devices are allowed to connect to Wi-Fi hotspots automatically and Wi-Fi hotspots are not checked to find out if they are genuine or have been spoofed.
Security Professionals Concerned About Employees’ Use of Unsecured WiFi Networks
A recent survey conducted by the Cloud Security Alliance indicates security professionals are very concerned about the use of unsecured WiFi networks. The Cloud Security Alliance is a collective of security professionals, businesses, and privacy and security organizations that are committed to raising awareness of cybersecurity best practices.
The organization recently conducted a survey and asked 210 security professionals their opinions on the top threats to mobile computing in 2016. 2010 member organizations were polled and more than 8 out of 10 respondents (81%) said that the threat from unsecured WiFi access points was very real, and was one of the biggest mobile security risks in 2016.
The Importance of Securing WiFi Hotspots
Many organizations that operate a network of Wi-Fi hotspots have yet to implement security measures to keep users of those networks secure. Those Wi-Fi access points are made available to customers in bars, restaurants, hotels, airport lounges, sporting venues, and on public transport such as busses and trains.
Guests are allowed to connect to those networks, yet little is done to police the activity that takes place over the network. Consequently, the door is left open for cybercriminals to conduct attacks.
Failing to provide even a basic level of security is a big mistake. If patrons suffer malware infections, data loss, identity theft, or other forms of fraud as a result of accessing the internet at a particular location, they are likely never to return.
With IT professionals now educating their staff members about the dangers of using unsecured WiFi access points, businesses that offer secure WiFi access are likely to attract far greater numbers of customers than those that do not.
There is a cost associated with securing WiFi hotspots of course. However, what must be considered is the amount of business that will be lost as a result of not securing WiFi hotspots. The cost of implementing security measures is likely to be much lower in the long run.
Securing WiFi Hotspots with WebTitan Cloud for WiFi
A business offering customers wireless Internet access used to have to purchase additional hardware or software in order to secure WiFi access points. Not only was there a cost associated with adding a security solution, implementing that solution was a complex task that required skilled staff and many man-hours.
Providing a secure browsing environment for customers would mean getting them to download software to the device used to access the Internet. That is hardly a practical solution for a bar or restaurant where quick and easy access to the internet is required by customers.
WebTitan offers a much easier solution that makes securing WiFi hotspots a quick and easy task. Since WebTitan Cloud for WiFi is a 100% cloud-based security solution, it requires no additional hardware and no software installations. Any user can connect to a WiFi network and benefit from a secure browsing environment, regardless of the device they use to connect.
Setting up a WiFi web filtering security solution is also fast and painless, and doesn’t require much in the way of technical expertise. Simply change the DNS settings and point them to WebTitan, and a secure browsing environment will be available to customers in a matter of minutes.
Websites known to contain malware can be easily blocked, users can be prevented from downloading files types frequently associated with malware, and web content can be filtered to stop users from engaging in questionable internet activity such as viewing pornography. Securing WiFi hotspots couldn’t be any easier.
If you are interested in securing WiFi hotspots run by your company, contact WebTitan today to find out just how easy and cost effective it can be to offer your clients a secure browsing environment.
US Sales +1 813 304 2544
UK/EU Sales +44 203 808 5467
IRL +353 91 54 55 00
or email us at info@webtitan.com
Feb 5, 2016 | Cybersecurity Advice, Network Security, Web Filtering
Organizations running WiFi networks are facing attacks from all angles. Many companies are choosing to implement web filters for WiFi networks to help mitigate risk from the growing number of malware variants that are being used to attack businesses via their WiFi networks.
A new report issued by Bilbao-based antivirus software developer Panda Security, has revealed the extent of the problem. Last year, over 84 million new malware samples were identified, which equates to 27% of all malware previously identified.
The proliferation in malware has been attributed, in part, to the rise in use of antivirus software and the effectiveness of those software programs. When a new malware is discovered, antivirus signatures are updated and shared with all antivirus software developers. In a very short space of time, all AV engines will block a particular malware.
Hackers have respondent by using software that modifies malware slightly, allowing hundreds or thousands of variants to be released. An increased number of malware variants are needed in order to get past antivirus software programs, as many AV engines are capable of detecting malware that has been modified slightly. The more variants are used, the higher the probability of malware getting past security software.
When Panda was formed in 1990, the company was detecting approximately 100 new malware variants a day. Today 230,000 new samples are discovered every day, on average.
Trojans are the most common malware form, with the full breakdown of new malware variants detailed below:
| Malware Type |
% of new malware discovered in 2015 |
| Trojans |
51.45% |
| Viruses |
22.79% |
| Worms |
13.22% |
| PUPs |
10.71% |
| Spyware |
1.83% |
Blocking Malware with a Web Filtering Solution
Malware is installed on user devices via a variety of different vectors. Spam email is one of the most common methods of malware delivery, but fortunately, one of the most straightforward to block. A robust anti-spam solution can be used to block the vast majority (over 99.7%) of spam emails from being delivered. Training users how to recognize malware can help to ensure that any rogue emails that get past the filter will be identified and deleted before any damage is caused.
Blocking malware from being installed via malicious websites can be more difficult. Hackers use exploit kits to probe for security vulnerabilities in browsers and browser plug-ins, and deliver malware in drive-by attacks without the knowledge of website visitors. Social engineering tactics are used to fool users into downloading malware, and malicious software can be installed on legitimate websites or placed on adverts displayed by those websites.
One of the best protections to implement to ensure users’ devices are not infected with malware is a web filter. A web filter will restrict access to websites known to contain malware, as well as categories of websites where malware is most likely to be located. As well as protecting users from objectionable website content such as pornography or religious extremist material, it will also keep their devices safe and free from Trojans, viruses, worms and other malicious software. A web filtering solution can be a highly effective protection against malware as part of a multi-layered security system.
Web Filters for Wi-Fi Networks Keep Internet Users Secure
One of the ways enterprises are keeping their wireless networks secure is by using web filters for WiFi networks. WiFi networks are particularly risky and need to be secured. Due to the risk of using wireless networks, many customers avoid networks that are unsecured.
Installing software solutions on individual devices that connect to wireless networks is far from ideal. Many companies have BYOD policies that permit the use of personal devices at work, and it would not be practical to install web filtering software solutions on each and every device used to connect to the network. In a coffee shop or hotel, this would simply not be possible.
The easy solution is to use DNS-based web filtering solutions, as they do not require the installation of any software on users’ devices. All that is required to run DNS-based web filtering is a simple change to the DNS server addresses on the company’s router.
Any user with a modicum of technical knowhow would be able to bypass a DNS-based web filter and access blocked content, although with some minor configuration changes to the router, users can be prevented from using any other DNS servers other that the one with the web filtering solution in place.
TitanHQ web filters for WiFi networks
TitanHQ’s web filters for WiFi networks offer highly granular controls. WebTitan Cloud for WiFi networks can be fine-tuned to suit any organization’s needs, allowing light control of Internet use to highly restrictive Internet filtering.
No software installations are required thanks to the 100% cloud-based system, and no additional hardware is required. Only very minor changes need to be made to point DNS servers to the correct location, and after basic parameters are set, WebTitan’s web filters for WiFi networks will be up and running.
It may not be possible to eliminate the risk of a malware attack, but with WebTitan Cloud for WiFi, risk can be reduced to a low and acceptable level.
Key benefits of WebTitan web filters for WiFi networks
- Create a family-friendly, safe and secure web browsing environment.
- Accurately filter web content through 53 pre-set categories and up to 10 custom categories.
- Filter by keyword and keyword score.
- Filter content in 200 languages.
- No hardware or software installations required
- Suitable for static and dynamic IPs
- No impact on broadband speed
- Suitable for use with multiple routers
- No limits on access points or users
- Scalable solution for businesses large and small
- Block access to inappropriate website content
- Block phishing attacks and malware and ransomware downloads
- Integrate the solution into existing billing, auto provisioning and monitoring systems through a suite of APIs
- Manage access points through a single web-based administration panel.
- Easy delegation of the management of access points
- Schedule and run reports on demand with real time-views of Internet activity and extensive drill down reporting.
- World class customer service
- Highly competitive pricing and a fully transparent pricing policy
Find out more about the benefits of installing web filters for WiFi networks by calling TitanHQ today
Feb 4, 2016 | Cybersecurity News, Internet Security News, Network Security
Two highly serious Netgear NMS300 ProSafe security vulnerabilities have been discovered that could be exploited by hackers to gain control of servers running the software, and/or download any file on the server on which the software is running.
The Netgear NMS300 ProSafe network management system is used by many companies to configure and monitor their network devices. Netgear NMS300 ProSafe is popular with small to medium size businesses as the software is free to use on fewer than 200 devices.
Recently Agile Information Security researcher Pedro Ribero discovered two critical Netgear NMS300 ProSafe security vulnerabilities.
Netgear NMS300 ProSafe Security Vulnerabilities
One of the vulnerabilities (CVE-2016-1525) allows remote code execution by an unauthenticated user via the Netgear NMS300 web interface. A hacker would be able to exploit this security flaw and upload and run java files with full system privileges, potentially gaining full control of the server on which the software is being run.
The NMS300 system is used to manage a wide range of networked devices such as routers, switches, network-storage devices, wireless access points and firewalls. Not only could this vulnerability allow the configuration of these devices to be changed, it would also permit an attacker to install firmware updates on those devices.
The second vulnerability (CVE-2016-1524) discovered by Ribeiro is an arbitrary file download, that would permit an authenticated user to download any file stored on the server that is being used to run NMS300.
These Netgear NMS300 ProSafe security vulnerabilities are particularly serious and at the present time there is no patch available to plug the security flaws. Users can improve protection and prevent the Netgear NMS300 ProSafe security vulnerabilities from being exploited by restricting access to the web interface with new firewall rules to limit access. Ribeiro recommends never exposing Netgear NMS300 to the Internet or untrusted networks.
Both vulnerabilities affect Netgear NMS300 versions 1.5.0.11, 1.5.0.2, 1.4.0.17 and 1.1.0.13
