Internet users are widely using Wi-Fi devices to access Internet. Every year millions of Wi-Fi devices are sold in the market. Out of these most of the wireless devices are vulnerable in their default configuration mode. Since end users are not fully aware of security levels to be set on these devices, these get rendered vulnerable. By taking advantage of these unsecured Wi-Fi devices terrorists and hackers fulfill their needs.
Anyone with Wi-Fi connectivity in his computer, laptop or mobile can connect to unsecured Access Points(wireless routers).Anyone in the range of Access point can connect to an Access Point if it is unsecured. Once the connection is established the attacker can send mails, download classified/confidential stuff, initiate attack on other computers in the network, send malicious code to others, install a Trojan or botnet on the victims computer to get long term control on it through Internet, etc.
All these criminal acts will naturally be associated with the legal user of Access Point(wireless router). It is up to the legal user of the Access Point to defend himself to prove that he has not been involved in these acts. It now becomes the responsibility of the user to secure his/her own Access Point.
Lets see some real incidents that took place in the recent years.
- Terrorists and hackers used unsecured Access Points to perform illegal activities on the Internet.
- Hackers penetrated into open Wi-Fi network of luxury hotels owned by the Thompson Group in New York, Los Angeles and Washington DC and stole the private emails sent by the guests.The hackers then attempted to extort money from the hotel chain by threatening to publish the emails.(www.crpcc.in)
- Just 5 minutes before Delhi blasts on September 2008 terrorists used an unsecured Wi-Fi connection of a company at Chembur in Mumbai to send terror emails to authorities and news channels. These hackers do not leave a trail of footprints for the investigators to arrive at a logical conclusion. The audit trail ends at Wi-Fi Access Point of the legal user. So it is becomes imperative for the users to secure their own Access Points(wireless router).
Types of Attacks on Wireless Environment
- Denial of Service Attack
Denial of Service Attack aims at preventing the users from accessing the network resources. In a Wireless network, denial of service attack can be applied in various ways.
- Man-In-Middle Attack in Wifi Devices
Performing Man-In-Middle Attack in a wireless network is much easier, when compared to wired network. As the transmissons from an accesspoint is broadcasted, it is easy for an unauthorised user to collect the traffic sent by other wireless clients. And the process of collecting the packets in this manner is known as Eavesdropping. Also the third party user can manipulate the packets sent to the legitimate users which results in breaking the users privacy.
So In order to avoid these kind of attacks, Strong encryption should be used for transmitting the data between wireless client and accesspoint.
It is a process of tracking Wi-Fi hotspots located at a particular place, while moving with a hand held device or a laptop in a vehicle. This helps the user in finding out the accesspoints that doesnot use encryption and takes control over it for performing the attacks on the network
How the attack occurs in Wifi Environment ?
- At the physical layer of TCP/IP Model, denial of service attack can be implemented by introducing a device which will generate noise in the same frequency band in which wireless accesspoint is operating. This makes the users who are trying to connect to the accesspoint may not be able to connect to it.
- Also the other possibility of Denial of service Attack is spoofing the accesspoint.Normally wireless clients connect to the wired network with the help of an accespoint. For associating with the accesspoint they require SSID of it. When an unauthorised user places an accesspoint with the same SSID, then there is a chance of authorised user getting associated with the attackers accesspoint. If that happens, the attacker will try to collect sufficient number of packets from the wireless client and cracks the WEP key used by the legitimate accesspoint. Then the attacker gets associated with the legitimate accesspoint and generates large ping requests in the network or generate some abnormal traffic, which may finally result in Denial of Service Attack.
Tips: "All Wi-Fi equipment support some form of encryption. So, enable them "
Guidelines for securing Wireless Communications
- Always use strong password for encryption
A strong password should have atleast 15 characters, uppercase letters, lowercase letters, numbers and symbol. Also it is recommended to change the encryption key frequently so that it makes difficult for the cracker to break the encryption key. Do not use WEP for encryption, rather use WPA/WPA2.
- Always use the maximum key size supported by accesspoint for encryption
If the keysize is large enough, then it takes more time to crack the key by the hacker. Also it is recommneded to change the encryption key frequently so that it makes difficult for the cracker to break the encryption key.
- Isolate the wireless network from wired network with a firewall and a antivirus gateway.
Do not connect the accesspoint directly to the wired network. As there is a chance of comprimised wireless client inturn effecting the systems in the wired network, a firewall and an antivirus gateway should be placed between the accespoint and the wired network.
- Restrict access to the Access Point based on MAC address
In order to allow authorized users to connect to the Access Point, wireless clients should be provided access based on MAC address.
- Change the default username and Password of the Access Point
Most of the users do not change the default passwords while configuring the Access Point.But it is recommended to keep a strong password, as this default password information can be known from product manufacturers.
- Shutdown the Access Point when not in use
Hackers try to brute force the password to break the keys, so it is good practice to turn off the Access points during extended periods of Non-use
- Do not broadcast your network name
SSID information is used to identify a Access Point in the network and also the wireless clients connect to the network using this information. Hence, in order to allow authorized users to connect to the network, the information should not be provided in public.
- Always maintain a updated firmware
Updating the firmware of accesspoint is recommended, as it will reduce the number of security loop holes in the accesspoint.
- Use VPN or IPSEC for protecting communication
When the information flowing from wireless client to the wired network receiver is critical, then it is recommended to use VPN or IPSEC based communication so that the information is protected from sniffers in the network.
- Do not make the SSID information public
SSID information is used to identify a accesspoint in the network and also the wireless clients connect to the network using this information. Hence, in order to allow authorised users to connect to the network, the information should not be provided in public.
- Disable DHCP service
When the number of users accessing the Access Point is less, it is recommended to disable the DHCP service. As this may make the attackers easy to connect to the network once they get associated with the Access Point.