Configuration and implementation problems can lead to unauthorised access to sensitive information or networks; often without the intruder even setting foot inside a building. Therefore, wireless networks require close monitoring and periodic assessments to mitigate the exposure to security threats.
The purpose of a wireless assessment is to interrogate a wireless infrastructure, and to provide assurance that it cannot be used to compromise the integrity and confidentiality of an organisations network or data. In most cases the footprint of a wireless network will extend beyond the desired area. This effectively extends the network boundary beyond the physical boundary of private premises and into public space.The majority of mobile devices supplied today have wireless connectivity hardware enabled by default. An attacker can use such a wireless interface as a beachhead for further attacks into the wired corporate network infrastructure.
Whilst attacks against wireless networks have received less media attention of late, the attack vectors that gained notoriety throughout the last decade remain present and demand attention. Portcullis’ approach provides options for testing the full range of threats to a corporate wireless network, including authentication, encryption, segregation of guest and corporate services, the ability to compromise wireless clients and wireless denial of service testing.
Why perform a wireless assessment?
- To execute a real-world attack on infrastructure and understand the level of risk that exists at a single moment in time.
- To better identify and validate all security vulnerabilities associated with your Internet-facing environment.
- To understand the level of risk for your organization compared to similar companies.