What Dangers Lurk In Your Wireless Network?

Posted: March 9, 2017 / Author: Dror Liwer

Companies across the spectrum are already familiar with a wide range of cyber threats, including; DDoS attacks, phishing email schemes, ghostware and cloud jailbreaking among many others, because these are the ones the media is quick to pick up on. However, there is a lack of awareness regarding a host of wireless network attacks that can be just as damaging if not more.

The lesser known wireless threats and what they can do to your enterprise.


Threat #1 - Access Point Mapping: This threat is referred to as access point mapping or wardriving. Access point mapping is conducted by a cybercriminal driving around looking for wireless networks to hack, which is why it is also known as "wardriving". This hack method is an offshoot of a 1980s-modem hacking scam. Criminals would drive around and automatically call all phone numbers in any given area code to hack into modems.

The modern version of wardriving relies on the fact that wireless networks are much stronger than they used to be. This means that criminals must no longer sit inside your company's parking lot, which would make them an easy target by security. How is it done? All that is needed is a GPS receiver, a laptop and a program called NetStumbler that records and maps all wireless access points. As wireless LANs are discovered, the cybercriminal can easily set up a launch pad for an attack.

Threat #2 – WindTalker Attack: Recently, five researchers in Shanghai found that the numerous channels, sub-channels in Wi-Fi have created a new vulnerability. The researchers used a modified firmware to create a rogue access point that can track even the smallest variations in a signal and link those changes with typing. With every keystroke the CSI (Channel State Information) emits an echo, which can be be picked up  and enable the cybercriminal to reconstruct the PIN number.   

WindTalker is far more dangerous than other cyberattack approaches, because it does not need an external device and it simply uses the public WiFi itself to collect CSI data. While this method is very hard to detect, it is easily deployable. WindTalker was found to maintain 70% accuracy, which was demonstrated back in October at the 23rd ACM Conference.

Threat #3 - Mirai botnet: When a malware has the ability to knock over a million users off line, it is time to pay attention. Mirai has evolved, while in the past it was only attacking IoT devices via default usernames and passwords it now perpetrates multiple and simultaneous types of attacks, including; SYN, UDP, VSE, GRE and ACK. Once a device is infected by Mirai, that device then moves on to corrupt more devices to expand the botnet army.

During Mirai’s most recent attack in Germany in November 2016, the botnet took advantage of code in routers produced by Zyxel and Speedport via port 7547. As luck would have it, the cybercriminals in the German attack did not reach their intended target, which was websites and online services, instead the routers simply crashed. Of course, Mirai did have other successes like the October Dyn attack, so it should never be under-estimated.

Threat #4 Eavesdropping: This malicious activity is divided into passive and active forms. Passive eavesdropping is simply the interception of a wireless transmission, while active eavesdropping involves using malicious nodes to send a query to a friendly node to grab information. Both forms work in tandem with each other, because a malicious node must have working knowledge of good nodes to be able to even passively eavesdrop.

For those using a wireless keyboard, for instance in a public space, eavesdropping is becoming a serious issue. A recent study of 12 wireless keyboard manufacturers, found that 8 could be be intercepted even several hundred feet away. Major brands affected by this include Hewlett-Packard and Toshiba, among others. The keyboard attack has become known as key sniffing and relies on UBS dongles, which transmit radio packets to detect vulnerable keyboards. This is comparable to how a malicious node can detect and intercept on a wireless sensor network.  


Bottom Line

As our cyber world becomes more wireless centric, it is important to successfully secure the wireless space by gaining full visibility to not only the wireless network, but the entire environment around the device.   

Visit us to discover the Coronet solution.

Previous Next