Small Business Attack – Rogue Wireless
The best attacks are often also the simplest. It’s easier to just steal someone’s wallet or purse than it is to hack into a vendor and download their credit card number. It’s easier to offer someone a chocolate bar for their password than it is to send them a phishing email and hope that it works. Similarly, it is easier to break into a network from the inside than it is from the outside.
For example, an attacker could stroll in to your office, wait for a distraction, and plug in a wireless access point and then run any desired attacks from the outside. For example, the WL-330 is the size of a pack of cards. (As is the DWL-G730AP.) It’s easy to smuggle in and easy to set up. Then, all the attacker needs to do is to have an excuse to get into your building.
Of course, those can’t be hard to come by. After all, it’s not like your organization ever orders pizza, calls in for service to a printer or has a cleaning staff, right? I’m also sure that there is no secluded place that an attacker could sit with a laptop and run exploration tests. Most buildings don’t have parking lots, nearby coffee houses or bathrooms, right?
Maybe there is a problem.