Wi-Fi interceptor targets unauthorised hotspots – but use it with care

US hotel chain Marriott may have copped a hefty fine for blocking Wi-Fi hotspots at its hotels, but the practice is set to become more common with the emergence of new solutions enabling other companies to do the same thing.

An update to Fluke Networks' AirMagnet Enterprise wireless intrusion detection system has strengthened its ability to scan for and detect signals across 245 Wi-Fi bands, including 44 standard bands and 201 that are less frequently used.

This approach is designed to improve security by blocking potentially dangerous ingress channels into corporate networks, which often rely on the security controls built into wireless access points. Its goal is to allow businesses to mitigate interference from nearby networks that might cause problems for their own.

Detected networks can be actively blocked using the system, allowing businesses to introduce 'wireless-free zones' where all wireless communication is blocked.

However, those security features are only updated sporadically, via firmware; the AirMagnet tools, by contrast, can be updated within what Fluke claims is often less than 24 hours of identification of the new threats. The system also includes wireless monitoring, logging, auditing and performance management tools.

“Security and network operations not only have to content with the inherent dangers and performance impacts of BYOD on their networks, but also the very real risk of espionage, hacking and malicious attacks from inside or outside their corporate boundaries,” Fluke Networks CEO David Coffin said in a statement.

“As we've seen with recent attacks, companies risk long-term damage to their brand and reputation, as well as immediate lost productivity and revenue without thorough detection and mitigation of security threats. Wireless is impossible to see, but this makes our customers' wireless networks protected and visible to them.”

Companies utilising this and similar solutions will need to be judicious in their use of the Wi-Fi blocking technologies, however: as the US$600,000 fine that Marriott copped last October attests, companies interfering with personal communications may well backfire.

Marriott had joined other hotels in petitioning the US Federal Communications Commission for the right to block personal hotspots to “maintain the security and reliability” of their networks.

A consumer complaint, lodged in March 2013, alleged that Marriott's Gaylord Opryland facility was “jamming mobile hotspots so you can't use them in the convention space”.

Marriott admitted the activity, which the FCC held was contrary to so-called Section 33 regulations barring the blocking or interception of communications signals.

“The growing use of technologies that unlawfully block consumers from creating their own Wi-Fi networks via their personal hotspot devices unjustifiably prevents consumers from enjoying services they have paid for and stymies the convenience and innovation associated with Wi-Fi internet access,” FCC Enforcement Bureau chief Travis LeBlanc wrote in his October decision on the matter.

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Upcoming IT Security Events

March 3rd, March 5th, March 9th 2015

Read more: Peeling back the darknet

Join CSO for the day@#csoperspectives and hear from @kimzetter @LeviathanSec

3 International Keynote speakers, 36 Key IT Security Industry Speaker, 21 Exhibitors, Security Analysts and many more.. Register today

Dont miss one of the biggest IT Security events in ANZ (registration is free, but seats are limited)

Join the CSO newsletter!

Error: Please check your email address.

Tags AirMagnet Enterprisewireless-free zonesFluke Networks'Marriott Hotelnetwork operationsWi-FSecurity ControlsBYODhotspots

More about AirMagnetCSOEnex TestLabFCCFederal Communications CommissionFlukeFluke NetworksIT SecurityUS Federal Communications Commission

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts