Hackers breach Wi-Fi network of U.S. firm from Russia — daisy chain attack jumps from network to network to gain access from thousands of miles away


Russian hackers compromised the Wi-Fi of an organization located in the U.S. without needing to get into range of its wireless network. The attackers accomplished the feat by jumping from one Wi-Fi network to another until they finally reached the destination target. Cybersecurity firm Volexity detailed the attack on its blog after it discovered suspicious activity on the computers of a client (Company A).

The hackers were able to access their target by first compromising the network of a neighboring firm (Company B). In their first attack, they looked for a computer that was connected via Ethernet to the initially compromised network (Company B) but could also connect via Wi-Fi. From there, they connected to the wireless network of their final target (Company A). Another attack showed the hackers penetrating the network of a third company (Company C) to then connect to Company B’s Wi-Fi. They then used that connection to Company B to advance their cyberattack on Company A.

Attacks on Wi-Fi networks have been around for years, with one operation in 2018 making the news after it was discovered that Russian operatives were attempting to get into the wireless network of the Organization for the Prohibition of Chemical Weapons in The Hague by using equipment in the trunk of a car. However, this kind of daisy chain attack, called a “nearest neighbor attack,” where the attackers use one or two different networks to compromise a third one, is unheard of. The discovery of this technique makes cybersecurity even more complicated, as you now have to consider the networks (both wired and wireless) of organizations that are within range of your Wi-Fi access points.
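A defensive check for the dual-homed computers described above (machines on wired Ethernet that can also connect via Wi-Fi), as an added example that is not from the article or from Volexity. It assumes Linux hosts and the standard sysfs network entries; the function names are hypothetical.

```python
"""Flag dual-homed Linux hosts: wired link up while a Wi-Fi adapter is enabled."""
import os
import sys

IFF_UP = 0x1  # administrative "up" bit in /sys/class/net/<if>/flags


def _read(path):
    """Return stripped file contents, or '' if missing or unreadable."""
    try:
        with open(path) as fh:
            return fh.read().strip()
    except OSError:  # e.g. reading "carrier" on a down interface gives EINVAL
        return ""


def audit_dual_homed(sysfs_net="/sys/class/net"):
    """Return (wired_with_link, wifi_enabled) lists of interface names."""
    wired, wifi = [], []
    for name in sorted(os.listdir(sysfs_net)):
        base = os.path.join(sysfs_net, name)
        # Physical NICs have a "device" entry; loopback, bridges and veth do not.
        if not os.path.exists(os.path.join(base, "device")):
            continue
        try:
            admin_up = bool(int(_read(os.path.join(base, "flags")) or "0", 16) & IFF_UP)
        except ValueError:
            admin_up = False
        is_wifi = any(os.path.exists(os.path.join(base, marker))
                      for marker in ("wireless", "phy80211"))
        if is_wifi and admin_up:
            wifi.append(name)
        elif not is_wifi and admin_up and _read(os.path.join(base, "carrier")) == "1":
            wired.append(name)
    return wired, wifi


def is_bridge_risk(sysfs_net="/sys/class/net"):
    """True when the host is on a wired network and could also join Wi-Fi."""
    wired, wifi = audit_dual_homed(sysfs_net)
    return bool(wired and wifi)


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "/sys/class/net"
    wired, wifi = audit_dual_homed(root)
    print(f"wired with link: {wired or 'none'}; Wi-Fi enabled: {wifi or 'none'}")
    sys.exit(1 if wired and wifi else 0)
```

Run across a fleet, an exit status of 1 marks a machine to review: one that sits on the wired network while its Wi-Fi adapter is still enabled.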

Jowi Morales
Contributing Writer


  • kjfatl
    I'm not a fan of useless government regulations. That said, all civilized nations should require a minimal level of security on wired and wireless networks. If any device does not meet this security level, it should not be recognized by the network. Practical implementation of this is not a trivial matter, but it can be done without affecting usability of the network. In fact, it is likely to improve network performance.
  • nrdwka
    kjfatl said:
    I'm not a fan of useless government regulations. That said, all civilized nations should require a minimal level of security on wired and wireless networks. If any device does not meet this security level, it should not be recognized by the network. Practical implementation of this is not a trivial matter, but it can be done without affecting usability of the network. In fact, it is likely to improve network performance.
    The issue can be EoL devices (as in the recent D-Link breach).
    There is a high number of out-of-date or EoL Wi-Fi points around. And it is beyond reasonable expectation to have them all updated and, especially, replaced.
  • jp7189
    kjfatl said:
    I'm not a fan of useless government regulations. That said, all civilized nations should require a minimal level of security on wired and wireless networks. If any device does not meet this security level, it should not be recognized by the network. Practical implementation of this is not a trivial matter, but it can be done without affecting usability of the network. In fact, it is likely to improve network performance.
    To protect against this, you have to do multi-factor on Wi-Fi, which basically means per-device or per-user certs, which requires a PKI and an automated method of managing said certs. This is not trivial for many small companies.