You might not consider warshipping – malicious hardware sent by post – when planning your cybersecurity strategy. After all, it uses one of the oldest methods of delivery available. Yet, it can pose a real threat to your network if successful.
Warshipping is on the rise, due to the growth of online shopping, so here’s what to look out for and how to prevent it.
What is warshipping?
Warshipping is when a hacker sends a physical package containing hidden malicious hardware – such as a Raspberry Pi or another cheap single-board computer – which has 3G capability and a power source (e.g. a phone battery) and can be remotely controlled. This can be used to access a company’s network to perform other attacks or, worse, to exploit system vulnerabilities and access confidential information.
The device can gain access in different ways. It can listen for handshake packets and share the captured handshake with the attacker’s servers, where the pre-shared key is recovered to reveal the WiFi network’s password. Or, by imitating existing WiFi networks in an evil twin attack, it can harvest the login details of any users who connect.
How to prevent warshipping at your company
There are a number of ways you can avoid this type of attack:
- Upgrade your WiFi access points to use WPA2. This will make it harder for hackers to intercept useful data.
- Monitor for rogue WiFi devices and educate staff to be aware of lookalike WiFi networks.
- Avoid using pre-shared keys in corporate wireless environments.
- Don’t allow employees to receive packages at work. If this isn’t possible, consider using parcel scanners in your mailroom, or creating a quarantine zone to isolate them from the main building.
- Use MFA. That way, even if a hacker acquires login details, gaining access will require additional verification, which they can’t provide.
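The monitoring for rogue devices and lookalike networks recommended above can be run automatically over periodic wireless scan results. The following Python is an added example, not part of the original article; the SSID, BSSIDs, security labels and scan records are constructed, and the function names are hypothetical.

```python
import unicodedata
from difflib import SequenceMatcher

# Constructed inventory: authorised SSIDs, their access-point BSSIDs, expected security.
AUTHORISED = {
    "CorpNet": {"bssids": {"aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02"}, "security": "WPA2-Enterprise"},
}

# Constructed scan results, as a wireless sensor or site survey might report them.
SCAN = [
    {"ssid": "CorpNet", "bssid": "aa:bb:cc:00:00:01", "security": "WPA2-Enterprise"},
    {"ssid": "CorpNet", "bssid": "de:ad:be:ef:00:10", "security": "WPA2-Enterprise"},
    {"ssid": "CorpNet", "bssid": "aa:bb:cc:00:00:02", "security": "Open"},
    {"ssid": "C0rpNet", "bssid": "de:ad:be:ef:00:11", "security": "Open"},
    {"ssid": "CoffeeShop", "bssid": "12:34:56:78:9a:bc", "security": "WPA2-PSK"},
]

def normalise(ssid):
    """Fold case, strip accents and separators, and map common digit-for-letter swaps."""
    text = unicodedata.normalize("NFKD", ssid).encode("ascii", "ignore").decode().lower()
    text = text.translate(str.maketrans("01357", "olest"))
    return "".join(ch for ch in text if ch.isalnum())

def classify(obs, authorised=AUTHORISED, threshold=0.85):
    """Return a finding for a suspicious observation, or None if it looks benign."""
    known = authorised.get(obs["ssid"])
    if known:
        if obs["bssid"].lower() not in known["bssids"]:
            return "unknown-bssid"      # our SSID broadcast by hardware we do not own
        if obs["security"] != known["security"]:
            return "security-mismatch"  # our SSID advertised with unexpected security
        return None
    for name in authorised:
        ratio = SequenceMatcher(None, normalise(obs["ssid"]), normalise(name)).ratio()
        if ratio >= threshold:
            return "lookalike-ssid"     # near-identical name to a corporate network
    return None

def findings(scan=SCAN):
    """Map (ssid, bssid) to a finding for every suspicious observation."""
    return {(o["ssid"], o["bssid"]): f for o in scan if (f := classify(o))}

if __name__ == "__main__":
    for key, finding in findings().items():
        print(finding, *key)
```

A BSSID can be copied by the rogue device, so an allowlist match alone does not prove an access point is genuine; the security-mismatch check catches one such case.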
Although these methods will help, on their own they can’t guarantee you’ll never be targeted. It’s still important to remain alert and update your security protocols regularly.