The main risks for a business's wireless networks involve the potential for outsiders to gain access to internal network resources, exploit free internet service or disrupt employees' access. Insiders may also be able to exploit poorly configured wireless networks to exfiltrate sensitive data or associate untrusted devices to the network.
The most common vulnerabilities presented by wireless networks are either the result of inherent weaknesses in the most commonly used wireless protocols, or they are often created by mistakes made during the process of configuring networks. Open networks can be abused in numerous ways by outsiders. Requiring users to sign into captive portals offers little protection and is often easily bypassed. Networks utilizing encryption with the WPA2 protocol and requiring authentication with Pre Shared Keys (A shared password) or via a RADIUS server using employee credentials offers more protection. However, depending on the systems deployed and various configuration choices, these networks can be vulnerable to Denial of Service (DoS) attacks initiated by outsiders, the capture of authentication packets and subsequent Brute Force Attacks that can compromise weak passphrases, Evil Twin access points that are clones of legitimate wireless access points, and Rogue access points that can be used to bypass important controls meant to restrict traffic between sensitive internal resources and the internet.
