Wi-Fi networks are extremely popular

Due to their usability, convenience and, especially, low implementation cost, Wi-Fi networks have become far more prevalent

among SMEs, the self-employed and private households than wired networks.

However, the Wi-Fi networks we regularly connect to are highly vulnerable because, in their original conception and design, and

also due to the limitations of older processors, simplicity and speed took priority over security features.

Factors that make Wi-Fi networks vulnerable

    • Access with a pre-shared key (PSK), which is usually visible to the public and offers no ability to control or identify who is connected
    • All the users have access with the same privileges and security policy
    • It is easy to spoof other devices using MAC or IP spoofing techniques
    • Most routers use the standard default configuration, which makes it easier for intruders because they all have similar parameters.

Local networks allow users to see who is connected. If the users who access the network cannot be identified because

they all connect with the same password or have no defined privileges, any user would be able to:

    • See and access other devices
    • Capture the traffic sent over the network
    • Steal or tamper with the data transferred
    • Spoof other users or devices

 

For a Wi-Fi network to be secure, each user needs to connect with exclusive (not shared) credentials and defined privileges.

Did you know that most wireless network attacks take place from within?

You probably think that attacks come from outside your network and that measures such as installing a perimeter firewall are enough.

 

However, a 2018 report by IBM shows that 60 % of cyberattacks are prompted by internal threats.

 

Not all internal threats come from malicious users; rather, a large portion of these attacks occur out of negligence or human error.

 

Internal attacks can also be perpetrated by infiltrators, which are external users that gain access to the wireless network by using legitimate but unauthorized credentials (by cracking the Wi-Fi network password, for example).

 

That’s why it is critical for you to secure your corporate network from within too.

 

Common Wi-Fi network attacks

Man in the Middle

In this kind of attack, the attacker intercepts the user and the router, attempting to spoof the router. This means that all the traffic generated by the victim is intercepted by the attacker. These videos show you how easy it is for someone with the right knowledge to perpetrate an attack of this kind.

Rogue AP

This is an illegal access point within an organization’s network and its purpose is to make users connect to it in order to capture their traffic.

Evil Twin

This attack consists in creating a malicious access point with the same characteristics (network name) as a legitimate one to trick the client into connecting to it in order to steal their login credentials.

Dictionary attacks

These attacks are used to decrypt passwords by trying words from a dictionary or even commonly used combinations until the attacker manages to break the code. To decipher Wi-Fi network passwords, antennas are used to capture data packets from nearby networks, which are then processed offline, testing different word combinations. We suggest you read our cyber-advice about secure passwords.

MAC e IP Spoofing

A MAC is the code that identifies your device, and an IP is the address assigned to you when you connect to a network. The term ‘spoofing’ means imitation or forgery, and this type of attack is based on imitating the MAC or IP in order to impersonate a device.