Network Airspace Protection

The overlooked layer of network security

SCHEDULE A DEMO

What are digital
airborne attacks?

Digital airborne threats are a class of network risks that leverage wireless devices in your corporate digital airspace (such as Wifi, cellular, 5G, Bluetooth, etc.) to launch attacks against your corporate network. In these attacks, the threat actor turns the wireless devices within the proximity of the corporate into “antennae for hire”. Since the traffic is not routed through the enterprise network it bypasses organizational network security controls. Security teams are left without visibility into this risky traffic, and consequently, are not able to achieve full control and complete protection over their corporate network.

Unauthorized access to corporate network

the attacker compromises a computing device through the device’s wireless capability and uses the now-compromised device as a stepping stone into the corporate network.

Network and device hijacking

the attacker uses an “antenna for hire” within the corporate proximity and turns it into an Access Point (AP) under the attacker’s control.

Data
leakage

corporate data leaving the secure corporate network through an unsupervised network channel.

Digital airborne threats cannot be ignored as they may lead to:

Today’s digital airborne attacks are remote and software-based

The corporate IT landscape is swarming with wireless-capable devices. Outside the corporate, there is an endless number of wireless devices – “antennae for hire”. The combination of both allows attackers to attack the corporate airspace without physically being in the vicinity of the corporate.

Current Malware

Emotet Trojan, NetWalker Ransomware, Mirage Trojan

On the researcher’s mind

Researchers are recognizing the pressing issue of airborne threats and in BlackHat 2020 there were already 6(!) talks simply dedicated to wireless security.

Officially recognized

The Office of Inspector General at the US Department of the Interior emphasized the lack of security on the DOI’s wireless networks.

Digital Airborne attacks in the wild

The pressing need for network airspace security

A gaping hole in your network security

Wifi authentication and encryption do not address airborne attacks as these all happen on other channels not monitored or controlled by the enterprise wireless equipment. And in most cases, interaction with the victim machine is completely outside of the corporate network scope making NAC and wireless firewalls completely oblivious to such communications.

Your AP vendor does not have you covered

Some AP devices come with built-in Wireless Intrusion Detection Systems (WIDS). However, these devices only check for rogue APs or Evil Twins through whitelisting, resulting in numerous false positives, and do not cover the full range of airborne attacks. Furthermore, these solutions are vendor-based whereas a typical corporate may have APs from multiple vendors.

IoT security simply doesn’t address airborne threats

Given that a corporate network is affected by so many IoT devices surrounding the enterprise but controlled by other organizations makes IoT security solutions irrelevant to the problem of airborne attacks.

IoT Security

Network Airspace Protection (NAP)

(AirEye)

AP Vendors 

Wireless channel detection services

Description

Unauthorized Network Access

Network and
Device Hijacking

Data Leakage