There is an amazing device that has been released called a Flipper Zero. I am one of the early backers of this device and have been playing around with one for about a year now. This little device looks like a toy and can fit in the confines of your pocket, however, it is not a toy wrong hands. To me, it is a tool that I have been using to assess different aspects of cybersecurity posture. More and more applications have been coming out for Flipper Zero, each with their own unique and interesting capabilities. One of which I have been toying with lately is called Marurder. Marauder allows for some unique wifi attacks including deauthorizing wifi clients and PMKID sniffing (which can potentially steal your wifi password).
Using an insecure wifi protocol such as WEP, WPA, or WPA2 could make you vulnerable to these types of attacks. It is recommended to switch to WPA3 for better wifi protection. I have found during my testing that it is almost impossible, to sniff out a password using common wifi attack tools out there (including Marauder and aircrack-ng).
If your business utilizes wifi for its operations, you may want to conder how susceptible you are to these attacks and how they can affect your operations. Even remote workers at home who utilize their own wifi to access business systems can pose a threat if not having proper controls like a VPN or use a secure wifi protocol. Understanding the risks of wifi and the controls that are in place to mitigate attacks is crucial to any cybersecurity program. If your business doesn’t have a cybersecurity plan in place today to protect its most critical systems, you may want to reach out to a cybersecurity expert to assist you.
Infosec Insights is on a journey in assisting organizations to operate more securely. We handle all sorts of IT needs and can assist with deploying new technologies securely. Please reach out today if you are interested in a free wifi penetration test for your business.