Rogue Wi-Fi Access Points

An adversary could set up unauthorized Wi-Fi access points or compromise existing access points and, if the device connects to them, carry out network-based attacks such as eavesdropping on or modifying network communication[1][2].

ID: T1465

Tactic Type:  Without Adversary Device Access

Tactic: Network Effects

Platform:  Android, iOS

MTC ID:  LPN-0

Version: 1.1

Mitigations

MitigationDescription
Encrypt Network TrafficApplication-layer encryption (e.g. use of the Transport Layer Security protocol) or a Virtual Private Network (VPN) tunnel (e.g. using the IPsec protocol) may help mitigate use of untrusted Wi-Fi networks.
Enterprise PolicyEnterprise policies could be provisioned to devices to control the Wi-Fi access points that they are allowed to connect to.

References