ITEC3125›Wireless Network Security: Types of Attacks

Cyber SecurityTopic 36 of 39

Wireless Network Security: Types of Attacks

7 minread

1,267words

Intermediatelevel

Wireless Network Security: Types of Attacks

Wireless networks are inherently vulnerable due to the nature of radio frequency communication, which can be intercepted and manipulated by attackers. These networks can be targeted in various ways, leading to breaches, disruptions, or data theft. Below, we explore the types of attacks commonly aimed at wireless networks, detailing how each attack works, its potential impact, and ways to defend against it.

1. Eavesdropping (Sniffing) Attack

Description: Eavesdropping occurs when an attacker intercepts and listens to wireless communication without the knowledge of the users or the network administrator.
Mechanism:
- Since wireless signals travel through the air, they are susceptible to interception by anyone within range using tools like Wireshark, Kismet, or Aircrack-ng.
- Attackers can capture packets containing sensitive data such as login credentials, credit card information, or private communications.
Impact:
- Data interception leads to the theft of sensitive information.
- Attackers may gather usernames, passwords, or financial data.
Protection:
- Use WPA2 or WPA3 encryption to secure wireless traffic.
- Avoid using WEP (Wired Equivalent Privacy), as it is outdated and can be easily cracked.
- Use VPNs (Virtual Private Networks) to encrypt traffic on public or untrusted wireless networks.

2. Man-in-the-Middle (MITM) Attack

Description: In a MITM attack, the attacker intercepts and potentially alters communication between two parties (for example, a wireless device and an access point).
Mechanism:
- Attackers position themselves between the victim’s device and the wireless access point. This can be achieved by setting up a rogue Evil Twin access point or using ARP Spoofing (Address Resolution Protocol).
- Once positioned in the middle, attackers can intercept, monitor, and manipulate communications without either party being aware.
Impact:
- Data alteration: Sensitive data such as login credentials, emails, or financial information may be intercepted and modified.
- Credential theft: Attackers can capture usernames and passwords.
Protection:
- Use strong encryption (WPA3, WPA2) to ensure data confidentiality.
- Implement mutual authentication between clients and access points to ensure that both parties trust each other.
- Always use HTTPS (SSL/TLS) for web traffic to prevent interception.

3. Evil Twin Attack

Description: In an Evil Twin attack, the attacker creates a rogue wireless access point with the same SSID (network name) as a legitimate one.
Mechanism:
- The attacker sets up an open or weakly secured access point with the same name as the target network, enticing users to connect to it thinking it's legitimate.
- Once connected, the attacker can intercept or manipulate all the data sent between the victim’s device and the rogue AP.
- The attacker may also launch a MITM attack once users are connected to the fake AP.
Impact:
- Data theft: Attackers can steal personal information such as emails, passwords, or banking details.
- Potential malware injection: The attacker can inject malicious code into the victim’s traffic.
Protection:
- Avoid connecting to public or unsecured Wi-Fi networks.
- Use WPA3 or WPA2 encryption to secure wireless communications.
- Verify network names (SSID) before connecting to a Wi-Fi network.
- Implement network segmentation (using different SSIDs for different purposes) and 802.1X authentication.

4. Rogue Access Point Attack

Description: A rogue access point (AP) is an unauthorized AP installed in a network that can be used to bypass security and gain unauthorized access to the network.
Mechanism:
- Employees or attackers may install unauthorized access points in an organization’s premises to gain access to the internal network.
- These rogue APs may bypass existing security measures such as firewalls and encryption, providing a backdoor for attackers.
Impact:
- Unrestricted access to internal networks and sensitive data.
- Network infiltration and data exfiltration.
Protection:
- Regularly scan the network for rogue APs using Wireless Intrusion Detection Systems (WIDS) or Wireless Intrusion Prevention Systems (WIPS).
- Use 802.1X authentication for stronger device management.
- Implement network segmentation to isolate critical infrastructure.

5. Deauthentication Attack (Denial of Service - DoS)

Description: A deauthentication attack is a type of denial-of-service (DoS) attack that causes devices to disconnect from the network.
Mechanism:
- The attacker sends deauthentication frames to a device or group of devices, causing them to disconnect from the network.
- This attack can be used to force users to reconnect to a rogue AP (Evil Twin) or disrupt normal service.
Impact:
- Service disruption, particularly in environments where continuous connectivity is critical.
- Potential for an attacker to exploit the reconnection process (e.g., by redirecting users to a malicious network).
Protection:
- Use WPA2 or WPA3 encryption, as they provide better protection against deauthentication attacks than WEP.
- Employ WIPS to detect and block unauthorized deauthentication frames.
- Enable 802.1X authentication to secure network access and avoid relying solely on SSID-based connections.

6. Dictionary and Brute Force Attack on WPA/WPA2

Description: In a dictionary or brute-force attack, the attacker attempts to guess the Wi-Fi password by trying many possible combinations (using precompiled dictionaries or by brute-forcing every possible password).
Mechanism:
- The attacker intercepts the WPA/WPA2 handshake between the device and the access point.
- Then, they use tools like Aircrack-ng to attempt to crack the password offline by testing many possible passwords.
Impact:
- If successful, the attacker can gain full access to the wireless network and potentially intercept or manipulate all traffic.
Protection:
- Use a long, complex WPA2 or WPA3 passphrase that cannot be easily guessed or cracked.
- Disable WPS (Wi-Fi Protected Setup), as it can be vulnerable to brute-force attacks.
- Implement strong authentication (e.g., 802.1X).

7. WPS (Wi-Fi Protected Setup) Brute-Force Attack

Description: WPS is a method to simplify the process of connecting devices to a Wi-Fi network. However, its 8-digit PIN is vulnerable to brute-force attacks.
Mechanism:
- The attacker gains access to the WPS PIN through brute-forcing and attempts all possible PIN combinations.
- Once the PIN is cracked, the attacker can access the network.
Impact:
- Unauthorized access to the Wi-Fi network.
- Potential for data theft and network compromise.
Protection:
- Disable WPS on your router to prevent this attack.
- Use strong WPA2 or WPA3 encryption.
- Set complex, non-dictionary passwords for Wi-Fi networks.

8. Packet Injection Attack

Description: Packet injection involves the attacker injecting malicious or spoofed packets into the wireless network to disrupt traffic or exploit vulnerabilities in devices.
Mechanism:
- The attacker may inject malformed packets that exploit vulnerabilities in the network devices or the communication protocols.
- Commonly used in DoS attacks, such as flooding the network with malformed packets to crash devices.
Impact:
- Network disruption or crashes.
- Exploitation of vulnerabilities, leading to malware injection or system compromise.
Protection:
- Use WPA2 or WPA3 encryption to ensure data integrity and prevent packet manipulation.
- Update device firmware to patch vulnerabilities.
- Use WIDS/WIPS to monitor for unusual or malicious traffic patterns.

9. Jamming Attack (DoS)

Description: In a jamming attack, the attacker disrupts the wireless network by sending out noise or interference on the same frequency used by the network.
Mechanism:
- The attacker sends high-power radio signals on the same frequency as the wireless network, disrupting communication between devices and access points.
Impact:
- Service disruption, potentially causing the network to become slow or unusable.
- Loss of data due to failed transmissions or communication breakdowns.
Protection:
- Use frequency hopping or spread spectrum techniques to reduce the impact of interference.
- Set up redundant communication channels to ensure continued service.
- Use directional antennas for more focused transmission and less exposure to interference.

Conclusion

Wireless networks are exposed to a wide range of attacks due to their open nature and reliance on radio signals. Understanding the different types of wireless network attacks is essential for developing effective security strategies. Implementing **strong encryption (WPA2/W

Previous topic 35

Wireless Network Security: Wireless Network Attacks

Next topic 37

Mobile Devices Security

Past Papers

Open this section to load past papers

Click on Show Past Papers to see past papers.

ITEC3125›Wireless Network Security: Types of Attacks

Cyber SecurityTopic 36 of 39

Wireless Network Security: Types of Attacks

7 minread

1,267words

Intermediatelevel

Wireless Network Security: Types of Attacks

1. Eavesdropping (Sniffing) Attack

Description: Eavesdropping occurs when an attacker intercepts and listens to wireless communication without the knowledge of the users or the network administrator.
Mechanism:
- Since wireless signals travel through the air, they are susceptible to interception by anyone within range using tools like Wireshark, Kismet, or Aircrack-ng.
- Attackers can capture packets containing sensitive data such as login credentials, credit card information, or private communications.
Impact:
- Data interception leads to the theft of sensitive information.
- Attackers may gather usernames, passwords, or financial data.
Protection:
- Use WPA2 or WPA3 encryption to secure wireless traffic.
- Avoid using WEP (Wired Equivalent Privacy), as it is outdated and can be easily cracked.
- Use VPNs (Virtual Private Networks) to encrypt traffic on public or untrusted wireless networks.

2. Man-in-the-Middle (MITM) Attack

Description: In a MITM attack, the attacker intercepts and potentially alters communication between two parties (for example, a wireless device and an access point).
Mechanism:
- Attackers position themselves between the victim’s device and the wireless access point. This can be achieved by setting up a rogue Evil Twin access point or using ARP Spoofing (Address Resolution Protocol).
- Once positioned in the middle, attackers can intercept, monitor, and manipulate communications without either party being aware.
Impact:
- Data alteration: Sensitive data such as login credentials, emails, or financial information may be intercepted and modified.
- Credential theft: Attackers can capture usernames and passwords.
Protection:
- Use strong encryption (WPA3, WPA2) to ensure data confidentiality.
- Implement mutual authentication between clients and access points to ensure that both parties trust each other.
- Always use HTTPS (SSL/TLS) for web traffic to prevent interception.

3. Evil Twin Attack

Description: In an Evil Twin attack, the attacker creates a rogue wireless access point with the same SSID (network name) as a legitimate one.
Mechanism:
- The attacker sets up an open or weakly secured access point with the same name as the target network, enticing users to connect to it thinking it's legitimate.
- Once connected, the attacker can intercept or manipulate all the data sent between the victim’s device and the rogue AP.
- The attacker may also launch a MITM attack once users are connected to the fake AP.
Impact:
- Data theft: Attackers can steal personal information such as emails, passwords, or banking details.
- Potential malware injection: The attacker can inject malicious code into the victim’s traffic.
Protection:
- Avoid connecting to public or unsecured Wi-Fi networks.
- Use WPA3 or WPA2 encryption to secure wireless communications.
- Verify network names (SSID) before connecting to a Wi-Fi network.
- Implement network segmentation (using different SSIDs for different purposes) and 802.1X authentication.

4. Rogue Access Point Attack

Description: A rogue access point (AP) is an unauthorized AP installed in a network that can be used to bypass security and gain unauthorized access to the network.
Mechanism:
- Employees or attackers may install unauthorized access points in an organization’s premises to gain access to the internal network.
- These rogue APs may bypass existing security measures such as firewalls and encryption, providing a backdoor for attackers.
Impact:
- Unrestricted access to internal networks and sensitive data.
- Network infiltration and data exfiltration.
Protection:
- Regularly scan the network for rogue APs using Wireless Intrusion Detection Systems (WIDS) or Wireless Intrusion Prevention Systems (WIPS).
- Use 802.1X authentication for stronger device management.
- Implement network segmentation to isolate critical infrastructure.

5. Deauthentication Attack (Denial of Service - DoS)

Description: A deauthentication attack is a type of denial-of-service (DoS) attack that causes devices to disconnect from the network.
Mechanism:
- The attacker sends deauthentication frames to a device or group of devices, causing them to disconnect from the network.
- This attack can be used to force users to reconnect to a rogue AP (Evil Twin) or disrupt normal service.
Impact:
- Service disruption, particularly in environments where continuous connectivity is critical.
- Potential for an attacker to exploit the reconnection process (e.g., by redirecting users to a malicious network).
Protection:
- Use WPA2 or WPA3 encryption, as they provide better protection against deauthentication attacks than WEP.
- Employ WIPS to detect and block unauthorized deauthentication frames.
- Enable 802.1X authentication to secure network access and avoid relying solely on SSID-based connections.

6. Dictionary and Brute Force Attack on WPA/WPA2

Description: In a dictionary or brute-force attack, the attacker attempts to guess the Wi-Fi password by trying many possible combinations (using precompiled dictionaries or by brute-forcing every possible password).
Mechanism:
- The attacker intercepts the WPA/WPA2 handshake between the device and the access point.
- Then, they use tools like Aircrack-ng to attempt to crack the password offline by testing many possible passwords.
Impact:
- If successful, the attacker can gain full access to the wireless network and potentially intercept or manipulate all traffic.
Protection:
- Use a long, complex WPA2 or WPA3 passphrase that cannot be easily guessed or cracked.
- Disable WPS (Wi-Fi Protected Setup), as it can be vulnerable to brute-force attacks.
- Implement strong authentication (e.g., 802.1X).

7. WPS (Wi-Fi Protected Setup) Brute-Force Attack

Description: WPS is a method to simplify the process of connecting devices to a Wi-Fi network. However, its 8-digit PIN is vulnerable to brute-force attacks.
Mechanism:
- The attacker gains access to the WPS PIN through brute-forcing and attempts all possible PIN combinations.
- Once the PIN is cracked, the attacker can access the network.
Impact:
- Unauthorized access to the Wi-Fi network.
- Potential for data theft and network compromise.
Protection:
- Disable WPS on your router to prevent this attack.
- Use strong WPA2 or WPA3 encryption.
- Set complex, non-dictionary passwords for Wi-Fi networks.

8. Packet Injection Attack

Description: Packet injection involves the attacker injecting malicious or spoofed packets into the wireless network to disrupt traffic or exploit vulnerabilities in devices.
Mechanism:
- The attacker may inject malformed packets that exploit vulnerabilities in the network devices or the communication protocols.
- Commonly used in DoS attacks, such as flooding the network with malformed packets to crash devices.
Impact:
- Network disruption or crashes.
- Exploitation of vulnerabilities, leading to malware injection or system compromise.
Protection:
- Use WPA2 or WPA3 encryption to ensure data integrity and prevent packet manipulation.
- Update device firmware to patch vulnerabilities.
- Use WIDS/WIPS to monitor for unusual or malicious traffic patterns.

9. Jamming Attack (DoS)

Description: In a jamming attack, the attacker disrupts the wireless network by sending out noise or interference on the same frequency used by the network.
Mechanism:
- The attacker sends high-power radio signals on the same frequency as the wireless network, disrupting communication between devices and access points.
Impact:
- Service disruption, potentially causing the network to become slow or unusable.
- Loss of data due to failed transmissions or communication breakdowns.
Protection:
- Use frequency hopping or spread spectrum techniques to reduce the impact of interference.
- Set up redundant communication channels to ensure continued service.
- Use directional antennas for more focused transmission and less exposure to interference.

Conclusion

Previous topic 35

Wireless Network Security: Wireless Network Attacks

Next topic 37

Mobile Devices Security

Past Papers

Open this section to load past papers

Click on Show Past Papers to see past papers.