Recently we focused on the threat of unprotected Wi-Fi networks to individuals – regular people who might not realize that using free public hotspots found at coffee shops and elsewhere actually leave them open to cyberattacks.
What sometimes goes unmentioned is that those Open Wi-Fi networks leave the owners of those networks vulnerable too.
Unfortunately, many small businesses (and even some bigger ones) fail the wireless security test – they’re guilty of one of the more common of the “7 Deadly IT Sins.”
As Sophos Global Head of Security Research James Lyne discovered in his “warbiking” research experiments, around one-third of the Wi-Fi networks he scanned had no encryption or outdated encryption.
That means a hacker could spy on wireless traffic or trick users into visiting phony websites designed for phishing – stealing their account logins, passwords or financial information.
These small business Wi-Fi networks often used default network names, and likely default network passwords as well – making it easy for cybercriminals to connect to the network, putting sensitive data at risk.
Bad security practices are common, often because – as James explains in the video below – IT departments fail to update configurations over time, what he calls “configuration drift.”
Check out our 7 Deadly IT Sins website to learn more about how to protect your business from this and other security sins.