What is a WiFi network audit?
A network audit consists on carrying out a series of tests that detect vulnerabilities, entry points, and poor configurations in order to prevent access to the network by cybercriminals, preserve the integrity of the data of the company and its customers, as well as optimize the configuration of your wifi network so that you can get the most of it.
Vulnerabilities in WiFi networks can be very dangerous and affect companies in any industry, as shown in the following real-world examples:
Casino theft via WiFi network
| In one casino the cybercriminals managed to access the network through a vulnerability in the thermostat of a fish tank, which was connected to the network. Once there they analyzed and found other vulnerabilities that allowed them to move laterally through the network, until they reached the database of selected customers. Fortunately this attack was detected and blocked thanks to the fact that this casino had implemented the cybersecurity system with artificial intelligence Darktrace.. |  |
Casino theft via WiFi network
In one casino the cybercriminals managed to access the network through a vulnerability in the thermostat of a fish tank, which was connected to the network. Once there they analyzed and found other vulnerabilities that allowed them to move laterally through the network, until they reached the database of selected customers. Fortunately this attack was detected and blocked thanks to the fact that this casino had implemented the cybersecurity system with artificial intelligence Darktrace.
Data theft through Mexico subway WiFi
| In this case, the theft didn’t happen directly to the company, but to the users who connected to the free WiFi network of the Mexican subway. By connecting to this network without any protection, users have suffered theft of personal data (which has allowed the misuse of the bank accounts of those affected), identity theft, etc.
Companies can offer free WiFi to their customers and/or users, but they must do so securely so that the network does not become a tool for cybercriminals. |
 |
Data theft through Mexico subway WiFi
In this case, the theft didn’t happen directly to the company, but to the users who connected to the free WiFi network of the Mexican subway. By connecting to this network without any protection, users have suffered theft of personal data (which has allowed the misuse of the bank accounts of those affected), identity theft, etc.
Companies can offer free WiFi to their customers and/or users, but they must do so securely so that the network does not become a tool for cybercriminals.
Data theft in banks through Rogue AP
| At one bank, customers suffered a data leak when cybercriminals set up a Rogue AP, a WiFi hotspot that aims to get users to connect to it in order to capture user traffic, and with it their credentials.
In addition, this system can also be used to gain access to internal company data, as cybercriminals use them as illegal access points installed in the company (without authorization from the IT department) to connect lawful devices and steal their credentials. |
 |
Data theft in banks through Rogue AP
At one bank, customers suffered a data leak when cybercriminals set up a Rogue AP, a WiFi hotspot that aims to get users to connect to it in order to capture user traffic, and with it their credentials.
In addition, this system can also be used to gain access to internal company data, as cybercriminals use them as illegal access points installed in the company (without authorization from the IT department) to connect lawful devices and steal their credentials.
Other types of audits
Pentest
A pentest consists on a computer security audit in which the company’s systems are attacked through the different breaches detected, analyzing the extent to which a real attacker could gain access.
Source Code Audit
In a Source Code Audit we evaluate the degree of security of the source code of the applications used or developed by your company in search of vulnerabilities that could be exploited by attackers.
Social Engineering Audit
The purpose of this audit is to obtain confidential information from the company’s own employees without the employees being aware that they are compromising the company.