Events have now become reliant on technology to function at optimal levels. as well as for powering the organisers’ own devices, which makes it a prime target for potential hackers.Event managers are right to be fearful of attacks on their connections, but no technology, router or measure can offer 100% protection against threats. If anything, there is a strange level of reassurance from the fact that cyber criminals are becoming more sophisticated and unpredictable; if they really want to bring a service down, there isn’t a lot you can do.
Despite the threats, it is possible to run a secure wi-fi connection and this should now form part of any event strategy, especially given that many attacks happen as a result of negligence by the organiser.
The usual suspects
Wi-fi attacks are common and take many different forms. A MiTM incident (short for “man in the middle”) sees the The criminal has a few options with this tactic, but the end goal is to connect the user to a malicious network, where sensitive data can be lifted.
You may also recognise the denial-of-service attack, where hackers overload a network by sending a flood of messages towards it. The network then becomes unavailable due to its crashing under the weight of the requests.
The best way to protect your network is by undertaking small yet vital measures to ensure your name stays off the criminals’ radar. Here are some easy methods of keeping your own house in order:
Change your wi-fi details
One of the most common mistakes is made by allowing the wi-fi’s credentials to be altered. Every connection has a login function, meaning every connection provides a chance for an attacker to guess its username and password.
You can save yourself a lot of problems by switching basic details like “admin” and “1234” with something a bit more specific. Think about a term that only you could guess, or consider the use of random password generator for something really obscure.
Hide each user’s identity
When hackers can see who’s connected to the wi-fi network, it is possible for them to launch a MiTM attack. Each connection should be administered by someone with enough technical knowledge to prevent this from happening. So long as you’ve requested a way for everyone’s identities to be concealed, you’ll have taken care of the situation on your side.
Gain protection against ARP spoofing
Public wi-fi connections are highly susceptible to ARP spoofing, which refers to the act of tricking a computer to send data to a hacker’s machine, as opposed to the router.
These attacks have been the downfall of many public wi-fi networks, although some routers are built in a way that prevents them from happening. You should, therefore, ask the venue if they have pre-configured settings in the network to evade such attacks.
Operate with multiple networks
Given that your technology is constantly at risk from the dark forces, you should always aim to limit, rather than avoid, your chances of succumbing to complete disruption.
A method of risk aversion for events is to one for general use by attendees, and the other for devices which help with tasks like registration and image projection. This does not reduce the chance of a network being compromised, but it can prevent hackers from causing problems in more than one area.
Make logs for each connection
Provided that someone is making a note of all the people connected to the wi-fi, it becomes very easy for them to see if anyone is accessing a malicious website. This is the kind of proactive move which can prevent attacks at the earliest opportunity, before they can really get started.
We’ll reserve a final mention to the importance of having a trained IT worker to monitor these logs and look out for any suspicious movements. Some venues will have personnel whose role involves the maintenance of wi-fi among other tasks relating to network security. In the same way that you wouldn’t run a busy event without staff or security, you shouldn’t leave your wi-fi unattended.