Network Airspace Protection

The overlooked layer of network security

What are digital
airborne attacks?​

Digital airborne threats are a class of network risks that leverage wireless devices in your corporate digital airspace (such as Wifi, cellular, 5G, Bluetooth, etc.) to launch attacks against your corporate network. In these attacks, the threat actor turns the wireless devices within the proximity of the corporate into “antennae for hire”. Since the traffic is not routed through the enterprise network it bypasses organizational network security controls. Security teams are left without visibility into this risky traffic, and consequently, are not able to achieve full control and complete protection over their corporate network. 

Unauthorized access to corporate network

 the attacker compromises a computing device through the device’s wireless capability and uses the now-compromised device as a stepping stone into the corporate network.

Network and device hijacking

 the attacker uses an “antenna for hire” within the corporate proximity and turns it into an Access Point (AP) under the attacker’s control.

Data
leakage

corporate data leaving the secure corporate network through an unsupervised network channel.

Digital airborne threats cannot be ignored as they may lead to:

Today’s digital airborne attacks are remote and software-based

The corporate IT landscape is swarming with wireless-capable devices. Outside the corporate, there is an endless number of wireless devices – “antennae for hire”. The combination of both allows attackers to attack the corporate airspace without physically being in the vicinity of the corporate. 

Current Malware

Emotet Trojan, NetWalker Ransomware, Mirage Trojan

On the researcher’s mind

Researchers are recognizing the pressing issue of airborne threats and in BlackHat 2020 there were already 6(!) talks simply dedicated to wireless security.

Officially recognized

The Office of Inspector General at the US Department of the Interior emphasized the lack of security on the DOI’s wireless networks.

Digital Airborne attacks in the wild

The pressing need for network airspace security

 

A gaping hole in your network security

 

Wifi authentication and encryption do not address airborne attacks as these all happen on other channels not monitored or controlled by the enterprise wireless equipment. And in most cases, interaction with the victim machine is completely outside of the corporate network scope making NAC and wireless firewalls completely oblivious to such communications. 

 

Your AP vendor does not have you covered

 

Some AP devices come with built-in Wireless Intrusion Detection Systems (WIDS).  However, these devices only check for rogue APs or Evil Twins through whitelisting, resulting in numerous false positives, and do not cover the full range of airborne attacks. Furthermore, these solutions are vendor-based whereas a typical corporate may have APs from multiple vendors. 

 

IoT security simply doesn’t address airborne threats

 

Given that a corporate network is affected by so many IoT devices surrounding the enterprise but controlled by other organizations makes IoT security solutions irrelevant to the problem of airborne attacks. 

IoT Security

Network Airspace Protection (NAP)

(AirEye)

AP Vendors


Wireless channel detection services 

Description

Unauthorized Network Access

Network and
Device Hijacking

Data Leakage

Prevention of any type of airborne attack

Asset inventory on corporate devices only. Lack visibility into connections so cannot indicate whether a connection is malicious.

Verifies only if their AP is legitimate. Any other AP, incl. competitor AP, is automatically considered rogue.

Lack context on whether the connection is compromised making these detection-only services.

Identify corporate assets in your digital airspace

Be able to automatically create an inventory of all APs and devices that are part of the enterprise airspace. 

Identify corporate assets in your digital airspace

Be able to automatically create an inventory of all APs and devices that are part of the enterprise airspace. 

Identify corporate assets in your digital airspace

Be able to automatically create an inventory of all APs and devices that are part of the enterprise airspace. 

Identify corporate assets in your digital airspace

Be able to automatically create an inventory of all APs and devices that are part of the enterprise airspace. 

Identify corporate assets in your digital airspace

Be able to automatically create an inventory of all APs and devices that are part of the enterprise airspace. 

Network airspace security capabilities

Ready to see AirEye Dome in action?

Schedule a demo now