How Dangerous is a Rogue Device on a Network?
One of the biggest risks facing corporations today is rogue devices. These are devices not issued by the corporation itself. While corporate-issued devices would be, or at least very much should be, adhering to cybersecurity best practices to keep them secure, it tends to be a different story with employees’ personal devices, especially things like mobile phones, which can be targeted by spyware.
It may surprise a number of people that the personal mobile phone they carry around in their pocket every day, their own laptop or possibly even their smartwatch could be used as an attack vector by malicious actors trying to gain access to corporate systems.
We certainly tend to take our phones with us everywhere, and our laptops and tablets aren’t necessarily far behind if we have to do work on the go. Many of us may hook them up to whatever public Wi-Fi is available without a second thought, not even questioning that we didn’t need a password to gain access.
Who else could be sharing the same network that you’ve now connected your device to, and what could they do? Machines on a network talk to each other; that’s the very basis of networks, the internet and the Internet of Things (IoT). But there are some devices and people your device should never, ever meet.
What are the attack vectors?
One of the most devastating things for a company is for a hacker to gain access to its systems and network. Malicious actors can use a variety of delivery methods to infiltrate networks via rogue devices, including:
- Directly plugging in a malicious USB.
- A device with malware (e.g. phone) being plugged into a corporate-issue machine.
- A misconfigured network allowing a malicious actor to connect their device onto that network.
Once a malicious actor gets a device on a network, the majority of protections are circumvented. Cybersecurity is traditionally about keeping threats out of systems and networks, like a well-defended wall around a fort. This has become increasingly difficult, especially as threat actors become more and more creative and we see the rise of remote working and an increasingly mobile workforce in general.
Moreover, the person who actually pulls the trigger on the cyber event may not even realise they’re doing it. Hackers use a variety of tactics to make employees unwitting pawns in cyberattacks, including:
- Using social engineering like email phishing to get an employee to install malware on their personal device or give out sensitive information.
- Getting employees to connect to scam Wi-Fi hotspots that spoof trusted entities like their favourite café and trick their phone into automatically connecting.
- Even leaving malicious USBs lying around in the hope that someone will connect one to a corporate-issue device.
- Getting direct access to a machine that isn’t logged out.
- Stealing written-down passwords or watching a user input them by shoulder-surfing.
Companies need to make sure that their employees are trained to properly follow cybersecurity best practices and procedures. As cyberspace is a constantly evolving environment, this training needs to be repeated regularly with up-to-date content, both to uphold company policy and to keep staff on top of the latest tactics and techniques threat actors employ, so that those actors are prevented from gaining access to systems and causing a cyber event.
How to protect your devices and networks
With the rise of a mobile workforce and remote working, organisations and cybersecurity are facing greater and greater challenges in getting it right when it comes to defending their employees, systems, networks and the assets that exist on them from cyber threats.
When employees are on the go with portable devices like mobile phones and laptops, the advice is:
- Have strong passwords for your devices and log out when not using them.
- Never connect to a public Wi-Fi that doesn’t require passwords and/or is unencrypted. Connecting is also strongly discouraged if the encryption is weak, like WEP, as that is less secure than WPA2 and WPA.
- Don’t leave your device out of sight for a moment. You may want to trust your co-workers, but malicious insiders are a common problem in cybersecurity.
- Use tethering and your own mobile hotspot when travelling, as mobile networks use high-frequency radio waves and are quite different from regular Wi-Fi.
- Don’t have Wi-Fi enabled when not using it and delete public networks as hackers can spoof Wi-Fi hotspot names and trick your phone into automatically connecting.
- Do not have Bluetooth enabled while not using it as it can enable file sharing and allow threat actors to install malware.
It’s also important to make sure that a corporation’s Wi-Fi network is properly configured to prevent a malicious actor from just sitting in the public lobby of a company and being able to do some real damage just by connecting wirelessly via their mobile phone or laptop.
While Wi-Fi is inherently riskier than ethernet due to the fact ethernet requires you to do the extra step of finding and physically plugging into an access point, Wi-Fi can be made practically just as secure as ethernet if it is properly configured.
How can you detect if a rogue device is connected to your network?
There can be a lot of devices hooked up to networks. In fact, with millions of connected devices having security flaws and almost half of companies unable to detect IoT device breaches, organisations really need to be able to take stock and keep track of all the IP-connected devices on their network in order to even begin to defend themselves against this cyber threat.
Moreover, the intranet and extranet of an organisation can be giant, be segmented into different, smaller Local Area Networks (LANs) physically or via Virtual LANs, and have countless devices connected in all manner of ways. Essentially, it’s one thing to have a cyber policy that includes looking out for rogue devices; it’s another thing to actually do it effectively.
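One way to take stock as described above is to compare the neighbour (ARP) table seen on each segment with an approved inventory. This is an added example, not part of the original article or of Securiwiser's product; the sample `ip neigh show` output, the inventory, the asset tags and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the format printed by `ip neigh show`
NEIGH_SAMPLE = """\
10.0.10.21 dev eth0.10 lladdr 3c:52:82:aa:01:10 REACHABLE
10.0.10.22 dev eth0.10 lladdr 3c:52:82:aa:01:11 STALE
10.0.20.5 dev eth0.20 lladdr 9a:11:22:33:44:55 REACHABLE
10.0.20.9 dev eth0.20 lladdr 00:1b:21:bb:02:20 REACHABLE
10.0.20.9 dev eth0.20 lladdr 00:1b:21:bb:02:99 STALE
10.0.20.40 dev eth0.20 lladdr 3c:52:82:aa:01:11 REACHABLE
10.0.10.30 dev eth0.10 FAILED
"""

# Hypothetical approved inventory: MAC -> (asset tag, segment it belongs on)
INVENTORY = {
    "3c:52:82:aa:01:10": ("LAPTOP-0001", "eth0.10"),
    "3c:52:82:aa:01:11": ("LAPTOP-0002", "eth0.10"),
    "00:1b:21:bb:02:20": ("PRINTER-01", "eth0.20"),
}

LINE = re.compile(r"^(\S+) dev (\S+) lladdr ([0-9a-f:]{17}) (\S+)$", re.I)

def parse_neigh(text):
    """Yield (ip, segment, mac) for entries that resolved to a MAC."""
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:  # FAILED/INCOMPLETE entries carry no lladdr and are skipped
            yield m.group(1), m.group(2), m.group(3).lower()

def find_rogues(text, inventory):
    findings, macs_by_ip = [], defaultdict(set)
    for ip, seg, mac in parse_neigh(text):
        macs_by_ip[(seg, ip)].add(mac)
        asset = inventory.get(mac)
        if asset is None:
            # Bit 0x02 of octet 1 = locally administered (typical of randomised MACs)
            kind = "randomised" if int(mac[:2], 16) & 0x02 else "unknown"
            findings.append((ip, mac, f"{kind} MAC not in inventory"))
        elif asset[1] != seg:
            findings.append((ip, mac, f"{asset[0]} seen on {seg}, expected {asset[1]}"))
    for (seg, ip), macs in macs_by_ip.items():
        if len(macs) > 1:  # two hardware addresses answering for one IP
            findings.append((ip, ",".join(sorted(macs)), "IP claimed by multiple MACs"))
    return findings

if __name__ == "__main__":
    for finding in find_rogues(NEIGH_SAMPLE, INVENTORY):
        print(*finding, sep="  ")
```

A neighbour table only covers the segment the collecting host sits on, so on a network split into VLANs the same comparison has to be run per segment or fed from switch and DHCP data.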
How Securiwiser can protect your business
Securiwiser is a security monitoring tool which evaluates your company’s cybersecurity posture and flags up, in an easy-to-read dashboard, vulnerabilities that threat actors will exploit, checking things like the security of your network and cloud, whether you have malware, whether there’s suspicious port activity, and much, much more. Give yourself a free scan today!