WatchGuard Blog

A vulnerable Wi-Fi network puts your organization's data at risk

A few weeks ago, a cybersecurity analyst unexpectedly discovered that he could dump files from the hotel network system where he was staying in Qatar to his own computer using the sync tool (used for file synchronization). Through an HSMX Gateway, he managed to access a welter of sensitive data held on an FTP server used for backup purposes. This included personal information on guests such as their room numbers, emails, and cell phone numbers.  What's more, the files downloaded were not only from the resort itself but also from the entire group, comprising 629 hotels in more than 40 countries.

It was not only personal data that was exposed, as the vulnerability, but the analyst also found allowed cybercriminals to deploy other techniques. For example, they could spoof the hotel's Wi-Fi access landing page so that guests would see a fake landing page when they connected asking them to enter even more sensitive personal data such as credit card numbers, which hackers could exploit to steal money from their accounts or sell on the Dark Web. 

This discovery highlights how insecure public Wi-Fi networks can be and how they represent a major access vector that puts both users and the organizations that manage them at risk. Several measures should be taken to protect these networks:

  • IT or cybersecurity managers in organizations should ensure that all their servers and third-party software are up to date, with patches installed properly, which reduces the chances of vulnerabilities being exploited. Patch managers that automate and facilitate these processes can be used for this purpose.
  • For simple and secure Wi-Fi network management, they should use advanced solutions that are easily managed from the cloud and have Wi-Fi 6 Access Points with WPA3 encryption. This guarantees a Trusted Wireless Environment for all. 
  • In turn, these Access Points have to be integrated into a secure network that has advanced firewall devices with greatly advanced security capabilities such as cloud sandboxing, anti-malware with AI technology, threat correlation, and DNS filtering.
  • Finally, users and customers connecting to any public Wi-Fi network, no matter how protected it might seem, are recommended to do so through protected VPNs that have virtual Firewalls.