Skip to content

T1465 Rogue Wi-Fi Access Points

An adversary could set up unauthorized Wi-Fi access points or compromise existing access points and, if the device connects to them, carry out network-based attacks such as eavesdropping on or modifying network communication12.

Item Value
ID T1465
Sub-techniques
Tactics TA0038
Platforms Android, iOS
Version 1.1
Created 25 October 2017
Last Modified 03 February 2019

Mitigations

ID Mitigation Description
M1009 Encrypt Network Traffic Application-layer encryption (e.g. use of the Transport Layer Security protocol) or a Virtual Private Network (VPN) tunnel (e.g. using the IPsec protocol) may help mitigate use of untrusted Wi-Fi networks.
M1012 Enterprise Policy Enterprise policies could be provisioned to devices to control the Wi-Fi access points that they are allowed to connect to.

References

  1. M. Souppaya and K. Scarfone. (2012, February). NIST SP 800-153 Guidelines for Securing Wireless Local Area Networks (WLANs). Retrieved December 24, 2016. 

  2. Alex Drozhzhin. (2014, November 10). Darkhotel: a spy campaign in luxury Asian hotels. Retrieved December 24, 2016. 

Back to top