Imagine for a moment that a person walks through your reception area. It's nothing illegal right? Your reception area is likely filled with hundreds of people every day. So what is so special about this person? Well, in this person's pocket is a cell phone that is actively scanning that lobby for anything that is connected to the internet. Printers, WiFi access points, Bluetooth devices and more. This has been taking place since 2004 and it is almost certain that your premises are on the database.

Actors can still reach your premises from afar with specialist equipment such as long range antennas. If you see an antenna like this (https://www.alfa.com.tw) in or around your premises you should inform your cyber security consultant.

Presently there are around 500 000 + individuals engaging in this activity. Data sets are available on the surface web and the dark web. We are able to identify the sources where your organisation is mentioned and listed. We are also able to remove your listings. For more info see can you remove my corporation's details from the database? below.

When an individual performs an on site infrastructure scan of a particular location they gain a number of data points. These data points reveal attributes like the SSID (Service Set Identifier) which is essentially the name of any available wifi devices in close proximity.

The network id is also collected which is a MAC address. A MAC address is the unique identifier for any hardware device that connects to a network. For example the MAC address 00:09:0F:A0:8D:30 is manufactured by Fortinet Inc.

In this particular case an attacker can deduce that this hardware is designed for high performace secure network operations (https://www.fortinet.com/products).

Now with this in mind, the attacker can seek out security vulnerabilities in this specific manufacturer's equipment (https://www.cvedetails.com/vulnerability-list/vendor_id-3080/Fortinet.html) and build in to his/her attack plan whatever is needed to execute their course of action.

Here we have identified potential attack vectors with just two attributes of many that are present in our data, imagine what an attacker can do with the rest!

Yes, for an administration fee your data can be removed from the global database. Please contact us if you require this.

Unfortunately, YES. With each second and each scan the encryption types of the devices in close proximity are imprinted in the record, whether it is WPA, WPA2 or WEP.

YES. Smartphones appear in the database if they have Bluetooth enabled. We have other datasets that are mobile specific if you are seeking to understand your exposure within this specific field. Please contact us for this specific requirement.