Wireless Threats &

Vulnerabilities
Acoros, Elaiza Marie
Borja, Ren Norvyn
Burias, Angelo
Dahan, Heson
Joaquin, Jerald
Laurente, Kyle Miguel
Molera, Cheska Denise
Pedregosa, John Edward

Information Assurance Security 2

 Wireless Technology
Wireless communication (or just wireless) is the transfer of information between
two or more points that do not use an electrical conductor as a medium by
which to perform the transfer.

It have become an integral part of how we conduct our businesses. They ease
many processes and help us get rid of the clutter caused by hundreds of wires.
Wireless is freedom.
It's about being unleashed from the
telephone cord and having the ability
to be virtually anywhere when you
want to be.

Martin Cooper
The World with
Wireless Technology
Wireless technologies offer convenient solutions to our needs. They are practical and fast,
moreover they set us free of the clutter caused by wires and cables. On the other hand, it is no
secret that wireless networks are more vulnerable to attacks and intruders.
Wireless Threats & Vulnerabilities
Wireless networks are particularly
vulnerable to attacks because it is difficult
to prevent physical access to them.

The only advantage they have in this

respect is that an attacker must be in
physical proximity to the network, which
can limit the pool of potential attackers.

To secure wireless networks,

administrators should know what types
of vulnerabilities exist and what types of
attacks can exploit them.
Types of Wireless Attacks
WiFi networks can be vulnerable to a variety of different attacks.
It is important to be aware of them and take necessary steps
to prevent and reduce their impact.
ROGUE WIRELESS DEVICES
A rogue wireless device, or access point,
is an unauthorized WiFi device added
onto the network that isn’t under the
management of the network admins.
Possible Risk or Harm
Disclose confidential system information
that is potentially damaging to an
organization.
Common Incident
This sort of device can be maliciously
installed if the attacker has direct access
to the wired network, but more often
than not, they are added by staff that are
not aware of the implications.
Prevention
Periodic scanning, continuous
monitoring, and immediate alerting,
 Types of Wireless Attacks

Peer-to-Peer Attacks
Devices that are connected to the same access points
can be vulnerable to attacks from other devices
connected to that access point.
Possible Risk or Harm

It is vulnerable to exploits that involve exposure of sensitive

data, illegal file sharing activity and the distribution of
malware that includes spyware, bots, and viruses.

Common Incident

Communication jamming, DDoS attack,

eavesdropping.

Prevention

Client isolation which ensures that clients connected to the

access point cannot communicate with each other,
preventing this issue.
 Types of Wireless Attacks
EAVESDROPPING
Also known as sniffing or snooping attack,
is where information are being stolen and
are transmitted over a network by a
computer, smartphone, or another
connected device.
Possible Risk or Harm
It takes advantage of unsecured
network communications to have
access to the data because it is
being sent or received by its user
Prevention
One can use a personal firewall, keep
the antivirus software updated, and use
a virtual private network or VPN. Having
strong passwords, changing them
frequently, and using data encryption.
Common Incident
The passwords for public networks are
readily available, so an eavesdropper can
simply log in and using a free software,
monitor network activity and steal log-in
credentials along with any data that other
users transmit over the network.
 Types of Wireless Attacks
EAVESDROPPING TYPES

• The first type, casual eavesdropping, or sometimes called

WLAN discovery, is where a wireless client actively scans
for wireless access points.

• The second type, malicious eavesdropping, is the illegal

kind. This is where someone tries to listen in on the data
transferred between clients and the access point. Because
of this, it is essential to encrypt your networks, as anything
unencrypted can be listened in on.
 Types of Wireless Attacks
ENCRYPTION CRACKING This is where the attacker attempts to crack the encryption on the network.
WEP networks are the most susceptible to this.

Possible Risk or Harm Loss of Physical Storage Media, disclosure or modification of stored data, destruction of stored
data, and disclosure of data in transit.

Common Incident Marriott International Starwood

Date: September 2018
Impact: 500 million customers

Marriott learned during the investigation that there had been unauthorized access to the
Starwood network since 2014. Marriott recently discovered that an unauthorized party had
copied and encrypted information and took steps towards removing it. On November 19, 2018,
Marriott was able to decrypt the information and determined that the contents were from the
Starwood guest reservation database.

Prevention Use upper- and lowercase letters, special characters, and numbers. Never use only numbers.
Such passwords can be cracked quickly.

Change passwords every 6 to 12 months or immediately if they’re suspected of being

compromised. Anything more frequent introduces an inconvenience that serves only to create
more vulnerabilities.
 Types Of Wireless Attacks
AUTHENTICATION ATTACKS
This is where the attacker scrapes a frame
exchange between a client authenticating
with the network, and then they simply run
an offline dictionary attack.
Possible Risk or Harm
Depending on the strength of the password, it
could be just a matter of time before they crack
the password and gain access.
Common Incident
Broad-based phishing campaigns recognizes
that threat agents have to gain access to only a
few accounts or one admin account to
compromise the organization.
Prevention
Choose your password wisely
While you might be tired of hearing it, having a strong password is one of the most important steps in
keeping your information safe. There are many types of password attacks, from brute-force attacks to
dictionary attack, so we advise being more creative and staying away from “Password1234”.
Stay away from public Wi-Fi networks when logging into important accounts
Whilst using public Wi-Fi, you are more susceptible to Man-in-the-Middle attacks. Hackers can easily
position themselves between your device and the connection/service, putting your accounts at risk.
 Types of Wireless Attacks
MAC SPOOFING
A technique for temporarily changing the MAC
01 address of a device to bypass access blocks at the
network identifier level (MAC filtering).

The intruder sniffs the network for valid MAC

addresses and attempts to act as one of the valid
MAC addresses.
02 The intruder presents itself as the default gateway and
copies all of the data forwarded to the default gateway
without being detected. This provides the intruder
valuable details such as passwords, inputs, applications
and most importantly, your IP address.

Using network threat protection software can prevent

03 these attacks by changing the MAC address of a network

device or using private VLANs to restrict communication
between systems on the same IP subnet
Types of Wireless Attacks
MANAGEMENT This is sort of attack can become an issue when you make use of some
INTERFACE EXPLOITS devices such as wireless controllers that allow you to control your
access points via things like web interfaces or console access.

Possible Risk or Harm The possible risks are the BMC which are the components of IPMI that is a
collection of tools usually found in servers that allows system admins to
manage system from remote locations.

Common Incident According to Eclysium researchers, a BMC code was found that was
responsible for processing and applying firmware updates does not perform
cryptographic signature verification on the provided firmware image before
accepting the update and committing it to non-volatile storage. This allows the
attacker to load modified code onto the BMC that could provide malicious
firmware update, reboot the system, compromise data, bypass any operating
controls and a lot more.

Prevention Restrict IPMI to trusted internal networks and to manage VLANs with strong
networks controls. Monitor any trusted network for abnormal activity.
 Types of Wireless Attacks
DENIAL OF SERVICE
A type of attack meant to shut down a machine
or network, making it inaccessible to its intended
users. DoS attacks accomplish this by flooding
the target with traffic, or sending it information
that triggers a crash. In both instances, the DoS
attack deprives legitimate users.
Buffer Overflow Attacks
The concept is to send more traffic to a
Flooding Services
It occurs when the system receives too much
network address than the programmers
traffic for the server to buffer, causing them to
have built the system to handle.
slow down and eventually stop.
 Types of Wireless Attacks
DISTRIBUTED DENIAL OF SERVICE
This is an additional type of DoS attack. It occurs
when multiple systems orchestrate a synchronized
DoS attack to a single target. The essential
difference is that instead of being attacked from one
location, the target is attacked from many locations
at once.
The hacker behind the DDoS attack sends malware
to numerous systems and if successfully installed,
can use that malware to remotely take over some
(or all) of the compromised system’s processes to
carry out the attack.
What is a Botnet?
It is a virtualized “army” of compromised
computers and servers that are used to
target a specific system.
 Types of Wireless Attacks
WIRELESS HIJACKING / EVIL TWIN ATTACK
This occurs in situations where the attacker sets up a fake WIFI network that
looks like the legitimate access point, using the same SSID as a public hotspot.

Possible Risk or Harm The possible risk of this matter is that the attackers can collect sensitive
information/data from its affected target and its connections(family, friends, etc.)
that they can be used in illegal way or use it to block mail their target.

Common Incident U.S. Department of the Interior

Date: September 2020

Hackers gained unauthorized access to the Interior Department’s internal systems by

breaching agency Wi-Fi networks using $200 homemade hacking kits. Luckily, the attackers
were white hat hackers from the Interior Office of the Inspector General.

Prevention Prevent to log any accounts in an public WI-FI especially when it say
“Unsecure”. Even if it has a familiar name. And use 2-factor-authentication for all
of your sensitive accounts.
SOCIAL ENGINEERING
Traditional hacking aims to compromise the security settings of the IT systems and applications. In contrast
“Social Engineering” attempts to exploit the users by claiming to be employees vendors, or support personnel
to try to manipulate the workers, they use trust and emotions to deceive the victims into giving them
information that compromises data security.

Top Types of Social Engineering

• Phishing
• Spear Phishing
• Baiting
• Scareware
• Pretexting

Attack Cycle of Social Engineering

Step 1: Information Gather
Step 2: Establishing fake relationship to the victim.
Step 3: Exploitation
Step 4: Execution and Remove traces.

Types of Wireless Attacks

Something to Remember
Wireless networking provides numerous opportunities to increase productivity and cut costs. It
also alters an organization’s overall computer security risk profile. Although it is impossible to totally
eliminate all risks associated with wireless networking, it is possible to achieve a reasonable level of
overall security by adopting a systematic approach to assessing and managing risk.
Overall Solutions to Such Threats
The best approach to wireless security is to look at the external
and internal policies, management and security design that offer
high levels of security and the flexibility to adapt to changing
threats.

These policies will help you determine how to manage access to

your wireless network and determine how to keep authorized
users safe and secure, and unauthorized users blocked.
Firewalls
With a quality firewall, your company can establish a strong security foundation to prevent
unidentified access and offer secure network availability for your on-site and remote staff,
business partners and customers. Firewalls are a security staple in all secure networking
environments, wired and wireless.

Overall Solutions
 Overall Solutions

Intrusion Detection
Intrusion detection and prevention software, also found in wired and wireless networks,
provides your network with the software intelligence to immediately identify and halt
attacks, threats, worms, viruses and more.

Content Filtering
Content filtering is just as important as the first two solutions in all network environments
because it helps protect you from internal activity. Filtering and monitoring software
prevents your employees from accessing content via the Internet that could potentially be
harmful to your operations.
Overall Solutions

Authentication
Authentication and identification methods protect the secure data on your network. In addition to
password protection, solutions such as key fobs and biometric authentication ensure that only those
with proper authority to access your secure data can do so, keeping your wireless network safe.
 Overall Solutions

Data Encryption
Today’s business climate relies upon collecting, analyzing and (more importantly) sharing vital
information about your business and its customers. Data Encryption can be used to secure the
wireless networks, Virtual Private Networks and Secure Socket Layers your data is shared on.
Thank you.
Wireless Threats & Vulnerabilities
References
• Frankenfield, J. (2021, June 22). What is an eavesdropping attack? Investopedia. Retrieved October 2, 2021, from
https://www.investopedia.com/terms/e/eavesdropping-attack.asp.

• WiFi, C. T. (2017, June 13). Types of wireless attacks. Medium. Retrieved October 2, 2021, from https://blog.ct-networks.io/types-of-wireless-
attacks-9b6ecc3317b9.

• Cimpanu, C. (2018, September 6). Vulnerabilities found in the remote management interface of Supermicro servers. ZDNet. Retrieved October 2,
2021, from https://www.zdnet.com/article/vulnerabilities-found-in-the-remote-management-interface-of-supermicro-servers/.

• Alert (TA13-207A). Cybersecurity and Infrastructure Security Agency CISA. (n.d.). Retrieved October 2, 2021, from https://us-
cert.cisa.gov/ncas/alerts/TA13-207A.

• Types of wireless network attacks. Logsign. (n.d.). Retrieved October 2, 2021, from https://www.logsign.com/blog/types-of-wireless-network-
attacks/.

• Wikipedia contributors. (2021, October 1). Wireless. In Wikipedia, The Free Encyclopedia. Retrieved 11:42, October 2, 2021, from
https://en.wikipedia.org/w/index.php?title=Wireless&oldid=1047525038

• Swinhoe, M. H. and D. (2021, July 16). The 15 biggest data breaches of the 21st Century. CSO Online. Retrieved October 3, 2021, from
https://www.csoonline.com/article/2130877/the-biggest-data-breaches-of-the-21st-century.html.

• 5 identity attacks that exploit your broken authentication. (n.d.). Retrieved October 3, 2021, from
https://www.okta.com/sites/default/files/pdf/Whitepaper-5-Identity-Attacks-that-Exploit-Your-Broken-Authentication_updated2020.pdf.

• What is a denial-of-service (DOS) attack? | cloudflare. (n.d.). Retrieved October 3, 2021, from
https://www.cloudflare.com/learning/ddos/glossary/denial-of-service/.

• 5 wireless security solutions to ease your mind. Marco. (n.d.). Retrieved October 3, 2021, from https://www.marconet.com/blog/5-wireless-
security-solutions-to-ease-your-mind.