Are You Inviting Hackers into Your Network?

by Peter Martini, COO iboss Security

It no longer requires high tech tools to hijack an imperiled network.  Are you using a traditional MDM solution?  You could be leaving the backdoor to your network swinging wide open for anyone to slip inside.  For example, when you set the traditional proxy settings on iOS devices to extend web filtering when users are off-premise and allow users to enter their directory credentials to authenticate, you could be exposing the credentials to the public. Even when utilizing HTTPS login on the mobile device, the data is sent in simple encryption.

Cyberdefense-magazine-image

All the thief needs is a receiver, some free software, and about 15 seconds of patience.   ‘Recently, the iboss Mobile Security team identified a network vulnerability when securing tablets and mobile devices with MDM when off-premise. They showed how a hacker could access the network using nothing more than tools you can buy anywhere and free software on the web.  They didn’t even have to download it!  How can this be you ask?

  • Tools are cheap – free even!
  • Takes less than one minute to gain access.
  • Anyone can do it!

It is horrifyingly simple. Once a user inputs his/her username and password, even if it is only once during initial authentication, that information is communicated every time the device connects to the internet and then again it is transmitted to each new site or page visited.  The proxy portion of the request to connect is never encrypted even when accessing an https site because the device still has to handshake with the page in a brief communication.  Usernames and passwords are easy to collect because that information is transferred during the handshake with each and every connection.

Hackers can also see IP addresses and then set themselves up on your network.  With very little patience and some testing, a hacker can find the credentials of your network management staff and with that can hijack the entire network.  The time has passed when this type of simple proxy setting secured a network from even the laziest hacker.  To learn more about how to close this backdoor and secure your network, contact iboss Security at www.iboss.com.

About iboss Security
iboss NxtGen SWG Web Security solutions are highly scalable providing layer 7 granular HTTP, SSL, Threat and Application control across on-premise and mobile devices with dynamically searchable user based reporting. Integrated directory aware Intelligent Bandwidth Management extends network access for BYOD and mobile devices while ensuring mission critical services remain uninterrupted.

Subscribe to Cyber Defense Magazine

Join our mailing list, no strings attached. We never sell your data. We'll send you monthly e-magazines, webinar invites from us and our partners, cybersecurity trade show updates, awards, infosec news, cybersecurity tips and so much more on all things cyber defense.
Subscribe

Related News

Gone Phishing: How Ransomware, Log4j, and Other Exploits Use Your Network to Catch the Big Fish New Research Reveals Network Attacks at Highest Point Over the Last Three Years Smart IoT Security Starts with a Secure Network Why Seeing Your Network Through a Hacker’s Eyes Helps Defend It
July 14, 2013

CyberDefenseMagazine Follow 24,016 54,487

Cyber Defense Magazine - The Premier Source for IT Security and Compliance Information. https://t.co/748STKH6k0.

cyberdefensemag

cyber defense awardsWe are in our 11th year, and Global InfoSec Awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.
Cyber Defense Awards

12th Anniversary Global InfoSec Awards for 2024 are now Open! Take advantage of co-marketing packages and enter today!

Show Me!
X