The Hidden Risk in Your Discarded Devices
While it’s common knowledge to clear personal data like photos and messages from old gadgets, many overlook the peril of Wi-Fi settings left intact. These seemingly harmless settings can be a treasure trove for cybercriminals, offering potential access to your private or corporate network. Phones, printers, video game consoles, smart devices, and more can all give criminals a key to your networks.
Based on a recent post from Kaspersky Blog, we will look deeper into these risks and what you can do to mitigate them.
The Consequences of Neglected Wi-Fi Settings
- Unwanted Network Usage: At its most benign, someone might use your Wi-Fi without your knowledge, leading to reduced bandwidth.
- Data Breach: Trusted devices within a network can freely communicate, making it easier for cybercriminals to access sensitive data.
- Illegal Activities: Your network could be hijacked for nefarious purposes like DDoS attacks or spamming, resulting in blacklisting or legal implications.
- Corporate Vulnerabilities: Many businesses emphasize external threats, neglecting the risk that discarded internal devices, like printers, pose to the network.
The Ease of Exploiting Discarded Gadgets
Many devices store Wi-Fi settings in an unencrypted format. Combine this with traces of your identity on the device, and cybercriminals possess a map and key to your network. Even the device’s name can provide significant clues about the owner or their location.
A Cybersecurity Architecture Look at the Scenario
Given the content on gadget disposal and Wi-Fi settings security, the following cybersecurity architecture attributes become relevant:
- Confidentiality: This is the most apparent attribute. Discarded devices containing Wi-Fi settings can provide unauthorized access to a network. Once in, the intruder might access confidential data. Thus, maintaining the confidentiality of network access information is crucial.
- Integrity: It’s essential that the processes and tools used for wiping devices work correctly and consistently. If a tool says it has removed data, users need to be able to trust that the data has actually been destroyed to the point of being irrecoverable.
- Availability: If a malicious actor gains access to a network using Wi-Fi credentials from a discarded device, they might launch a DDoS attack or otherwise compromise the network’s availability.
- Utility: This attribute deals with the usability and appropriateness of data. In the context of the article, it pertains to ensuring that the data (Wi-Fi settings) is rendered useless (lacking utility) for potential malicious actors when devices are discarded.
- Authentication & Authorization: These deal with ensuring that only verified entities can access the network and that they can only access what they’re allowed to. A rogue device with old Wi-Fi settings can bypass these if not handled correctly.
- Non-repudiation: If a discarded device is used maliciously, there needs to be a mechanism to trace back the activity to its source, ensuring that the actor cannot deny the action.
- Accountability: This pertains to keeping track of all devices, ensuring they’re correctly wiped before disposal, and taking responsibility for any oversights or lapses.
- Auditability: Linked with accountability, this requires mechanisms to verify and validate that the proper procedures were followed before a device’s disposal.
Why are these attributes relevant? The entire scenario outlined in the article points to an overarching need to ensure that Wi-Fi settings—effectively the keys to the kingdom—are treated with the importance they merit. This isn’t just about the settings themselves, but the implications of their misuse: unauthorized data access, network attacks, potential legal ramifications, and damage to reputation. These attributes provide a holistic framework to understand, address, and mitigate these risks from a business perspective. Through the SABSA lens, businesses can approach this challenge in a structured and comprehensive manner.
Securing Your Network: Where To Start
Steps you can take to mitigate the risks from discarded devices include:
- Thorough Data Wiping: Before parting with any device, ensure a complete data wipe. This involves:
  - Physically formatting drives on PCs and laptops.
  - Conducting factory resets on other gadgets, doubly ensuring the erasure of all data.
  - Validating that resets genuinely delete everything. Remember the Canon printers’ incident where Wi-Fi settings persisted after a reset!
- Regularly Update Wi-Fi Credentials:
  - Upon disposing of a device, promptly change your Wi-Fi password.
  - Employ strong, lengthy, and randomly generated passwords using tools like Kaspersky Password Manager.
  - Always opt for advanced encryption methods like WPA2 or WPA3.
- Implement Strict Access Control:
  - With the right router settings, manage device-level Wi-Fi access rights.
  - Newly connected devices should be isolated until granted explicit access.
  - Always isolate discarded or sold devices within router settings.
- Simplify Wi-Fi Access Control: For those seeking a straightforward approach:
  - Segment your Wi-Fi for different device categories: computers, smartphones, smart home equipment, and guest devices.
  - Utilize tools like Kaspersky Premium’s Devices on My Network feature for a streamlined monitoring experience.
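One way to carry out the "validate that resets genuinely delete everything" step, as an added example that is not from the original article or from Kaspersky: search a post-reset storage dump for your own network's SSID, passphrase, and the WPA2 key derived from them, since configs often keep the derived key rather than the passphrase. The function names, the sample SSID and passphrase, and the assumption that you can obtain a raw dump of the device's storage are all illustrative.

```python
import hashlib

def credential_needles(ssid: str, passphrase: str) -> dict:
    """Byte patterns that would reveal this network's credentials in a dump."""
    # WPA2-PSK key derivation: PBKDF2-HMAC-SHA1(passphrase, ssid, 4096 rounds, 32 bytes).
    # Configs often store this derived key instead of the passphrase itself.
    pmk = hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)
    return {
        "ssid/utf-8": ssid.encode("utf-8"),
        "ssid/utf-16le": ssid.encode("utf-16-le"),
        "passphrase/utf-8": passphrase.encode("utf-8"),
        "passphrase/utf-16le": passphrase.encode("utf-16-le"),
        "pmk/raw": pmk,
        "pmk/hex": pmk.hex().encode("ascii"),
        "pmk/HEX": pmk.hex().upper().encode("ascii"),
    }

def scan_image(image, ssid: str, passphrase: str) -> list:
    """Return (label, offset) for every credential remnant found in `image`.

    `image` is any object with a bytes-style .find(), e.g. bytes or an mmap
    of a storage dump taken after the factory reset.
    """
    hits = []
    for label, needle in credential_needles(ssid, passphrase).items():
        offset = image.find(needle)
        while offset != -1:
            hits.append((label, offset))
            offset = image.find(needle, offset + 1)
    return sorted(hits, key=lambda hit: hit[1])

def constructed_dump(ssid: str, passphrase: str) -> bytes:
    """Constructed sample: zero-filled flash with one leftover config block
    in wpa_supplicant.conf style, storing the derived key as hex."""
    pmk_hex = credential_needles(ssid, passphrase)["pmk/hex"].decode()
    block = f'network={{\n  ssid="{ssid}"\n  psk={pmk_hex}\n}}\n'.encode()
    return bytes(4096) + block + bytes(4096)

if __name__ == "__main__":
    ssid, passphrase = "ExampleHomeNet", "correct horse battery staple"  # constructed
    for label, offset in scan_image(constructed_dump(ssid, passphrase), ssid, passphrase):
        print(f"remnant {label} at offset {offset:#x}")
```

An empty result only shows that these encodings are absent from the dump; a device that stores settings compressed or in a proprietary encoding needs a format-specific check.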
Going Deeper: Expanded Guidance
For those who need to prioritize this threat based on the associated risks to their business, using the NIST Cybersecurity Framework (CSF) can guide companies in addressing these risks.
Here are specific tools, processes, or controls to consider, as aligned with the NIST CSF:
- Asset Management (NIST CSF Category ID.AM):
  - Tool/Process: Device Inventory Tools
  - Why: These tools help companies maintain an updated list of all devices, ensuring that none are overlooked during disposal.
  - How: By having a clear inventory, the company can track and manage the lifecycle of each device, ensuring they’re properly wiped and disposed of.
- Access Control (NIST CSF Category PR.AC):
  - Tool/Process: Network Access Control (NAC)
  - Why: NAC solutions can prevent unauthorized devices from accessing the network. They can be particularly helpful if an old device with stored Wi-Fi settings tries to reconnect.
  - How: NAC tools enforce policies that require devices to authenticate before gaining network access, checking the device’s identity and ensuring it meets security standards.
- Data Security (NIST CSF Category PR.DS):
  - Tool/Process: Data Encryption and Secure Deletion Tools
  - Why: Even if Wi-Fi settings are wiped, other sensitive data might remain. Encryption ensures data is unreadable without the proper key, while secure deletion tools overwrite data to make it irretrievable.
  - How: Before disposal or resale, devices should have their drives encrypted and then wiped using secure deletion protocols.
- Awareness and Training (NIST CSF Category PR.AT):
  - Tool/Process: Employee Training Programs
  - Why: Employees must understand the importance of data security, the risks of discarded devices, and the proper procedures for device disposal.
  - How: Regular training sessions can update staff on best practices, with occasional drills or tests to ensure compliance.
- Response Planning (NIST CSF Category RS.RP):
  - Tool/Process: Incident Response Plan (IRP)
  - Why: Should a breach occur due to a discarded device, the company needs to have a plan in place to respond quickly and effectively.
  - How: Create a detailed IRP that outlines steps to take when a security incident occurs. This includes communication strategies, roles and responsibilities, and recovery processes.
- Recovery Planning (NIST CSF Category RC.RP):
  - Tool/Process: Backup and Disaster Recovery Solutions
  - Why: If a discarded device leads to a network breach and data loss, having backups allows the company to restore its data.
  - How: Implement regular backup schedules and test recovery processes periodically to ensure data integrity and availability.
- Protective Technology (NIST CSF Category PR.PT):
  - Tool/Process: Endpoint Security Solutions
  - Why: These tools can detect and prevent unauthorized access attempts from old or unknown devices.
  - How: By installing endpoint security solutions on all devices, any malicious activity or unauthorized access attempts can be identified and stopped.
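The inventory and access-control items above can be tied together in a small check, shown here as an added example that is not from the original article: it flags leases handed to devices the inventory marks as disposed, and SSIDs whose key has not been rotated since a device that stored it left. The log format, field names, and all sample records are constructed for illustration.

```python
import re
from datetime import datetime

# Constructed log format for this example, not any specific DHCP server's.
LEASE = re.compile(r"^(\S+) DHCPACK ip=(\S+) mac=([0-9A-Fa-f:]{17})")

def _ts(stamp: str) -> datetime:
    return datetime.fromisoformat(stamp.replace("Z", "+00:00"))

def reconnects_after_disposal(inventory, log_lines):
    """Leases handed to a MAC that the inventory marks as already disposed."""
    disposed = {d["mac"].lower(): d for d in inventory if d["disposed_on"]}
    findings = []
    for line in log_lines:
        m = LEASE.match(line)
        if not m:
            continue  # ignore lines that are not lease grants
        dev = disposed.get(m[3].lower())
        if dev and _ts(m[1]) > _ts(dev["disposed_on"]):
            findings.append((dev["name"], m[2], m[1]))
    return findings

def stale_psks(inventory, psk_rotated_on):
    """SSIDs whose key has not changed since a device that stored it left."""
    stale = set()
    for dev in inventory:
        if not dev["disposed_on"]:
            continue
        for ssid in dev["ssids"]:
            rotated = psk_rotated_on.get(ssid)
            if rotated is None or _ts(rotated) < _ts(dev["disposed_on"]):
                stale.add(ssid)
    return sorted(stale)

# Constructed sample data (documentation-range IPs, made-up MACs and names).
INVENTORY = [
    {"name": "printer-3f", "mac": "AA:BB:CC:00:11:22", "ssids": ["corp-iot"], "disposed_on": "2024-03-01T00:00:00Z"},
    {"name": "laptop-17", "mac": "AA:BB:CC:00:11:33", "ssids": ["corp-staff"], "disposed_on": None},
    {"name": "tablet-02", "mac": "AA:BB:CC:00:11:44", "ssids": ["corp-staff"], "disposed_on": "2024-01-10T00:00:00Z"},
]
PSK_ROTATED_ON = {"corp-iot": "2023-11-20T00:00:00Z", "corp-staff": "2024-01-11T00:00:00Z"}
LOG = [
    "2024-02-28T09:00:00Z DHCPACK ip=192.0.2.41 mac=aa:bb:cc:00:11:22",
    "2024-03-02T08:15:00Z DHCPACK ip=192.0.2.41 mac=aa:bb:cc:00:11:22",
    "2024-03-02T08:16:00Z DHCPACK ip=192.0.2.50 mac=aa:bb:cc:00:11:33",
    "malformed line",
]
```

The reconnect check only catches a device that presents the MAC address recorded in the inventory; the stale-key check does not depend on the address and is the one that closes the exposure.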
Final Thoughts
Embracing robust cybersecurity is not a one-time task but a continuous process. When disposing of devices, understanding the significance of Wi-Fi settings and taking proactive steps to secure them is a commitment to a safer digital future, both personally and professionally.