Wireless Networking Security Vulnerabilities Exposed
People use wireless networks to connect their numerous personal devices remotely. Wireless networks provide the convenience of moving around instead of being tied down to one location. The vast array of Internet of Things (IoT) devices allows individuals to control their house temperature from anywhere or even start their oven away from home. Nevertheless, Hackers prey on IoT devices to gain access to the network. Encryption provides privacy so hackers do not simply obtain the information in plaintext. Protecting transmitted data is vital; however, some wireless encryption may contain vulnerabilities. Also, Wardriving, evil twins, Wi-Fi jamming, and IP spoofing have victimized the internet Wi-Fi. Since wireless networks encounter this risk, users face harmful consequences. Today, some wireless security vulnerabilities are exposed to encourage users to protect themselves against them.
First, hackers prey on common Wi-Fi vulnerabilities. The internet provides a convenient way for people to be connected, especially wireless Wi-Fi. Nevertheless, wi-fi delivers mobile accessibility to not only help users but also aid hackers in accessing the network. Wireless network access offers more flexibility and scalability over wired networks making it very popular today. Attackers process various methods to access a wireless network instead of just tapping into a wired network. For instance, hackers can attack Wi-Fi connections by wardriving, evil twins, Wi-Fi jamming, and IP spoofing.
Wardriving gives attackers access to open and unsecured wi-fi networks. Hackers scan for open wireless access points in an area (Oriyano, 2020). For example, hackers drive around neighborhoods and businesses to locate insecure networks. Wardriving was often done in the past to obtain free access to the internet. Although bandwidth stealing worries users, hackers now desire more confidential information containing value. Attackers can use open access points to download malware and illegal software robbing bandwidth and causing immense damage (Oriyano, 2020). Today, Wi-Fi settings require individuals to have a password login to help secure their Wi-Fi.
WLANs are susceptible to Evil Twin attacks. Evil Twins trick users into using the hacker’s Wi-Fi, acting as the legitimate Wi-Fi. Hackers can install a rogue access point (AP) to act as the legitimate AP to trick users into using their evil twin (Daldoul, 2023). Evil Twins can be achieved through exploiting authentication methods. The Open System Authentication (OSA) does not require a password and is open to evil twin attacks (Daldoul, 2023). OSA is openly used in airports and shops making open and free wi-fi unsecure. Another Authentication method is the Pre-Shared Key (PSK) which uses a shared password. This works well for small networks; however, hackers could obtain the password to accomplish an evil twin attack. Many organizations use the authentication server (AS) method which requires usernames and passwords. However, user credentials could be obtained easily through a phishing email tricking users to enter their credentials. To combat evil twins, digital certificates help stop malicious Wi-Fi connections (Daldoul, 2023).
Wi-Fi jamming jeopardizes Wi-Fi connection by overpowering it with a stronger signal. Multiple vulnerabilities have been used in the past to conduct a jamming attack. A False Preamble Attack uses the PHY layer to interrupt the packet detection, causing the timing signals to be off track (Zhu, Li, & Hu, 2022). Additionally, jamming attacks can take advantage of the MAC protocol. The CTS/ACK Corruption Attack manipulates the management packets to take control (Zhu, Li, & Hu, 2022). In an ACK attack, jamming signals break up the ACK packet so that it does not reach its destination (Zhu, Li, & Hu, 2022). L-STF attack takes advantage of a missing preamble which causes the line to be busy for 20dB so that a stronger signal can be established (Zhu, Li, & Hu, 2022). L-STF can successfully prohibit Wi-Fi communication using the standard requirements (Zhu, Li, & Hu, 2022).
The goal of a jamming attack is to prevent the legitimate network from being able to communicate (Bhushan et al, 2023). This type of attack could be used to accomplish a denial of service (DoS) attack making the network inaccessible for users. The CIA triad of security includes confidentiality, integrity, and availability, and the Wi-Fi jamming jeopardizes the availability.
IP spoofing is used to gain unauthorized access to the network. In 2021, less than 60% of Autonomous systems used destination-side source address validation (DSAV), making 40% vulnerable to spoofing attacks (Hilton et al, 2023). This vulnerability places people connected to the network wirelessly in danger. DSAV can prevent spoofing attacks by performing identity checks (Hilton et al, 2023). Unauthorized individuals gain access by reduplicating a valid IP address (Hilton et al, 2023). Without proper authentication, the internet could accept IP addresses from illegitimate sources so hackers can receive and send network traffic (Fonseca et al, 2021). After the hacker uses an IP spoofing attack to gain access to the network, a DDoS attack can occur if the hacker sends too much network traffic (Fonseca et al, 2021). One problem leads to another, making it urgent to fix any known vulnerabilities.
Wi-Fi attacks continue to increase worldwide. Zero-day attacks are vulnerabilities that hackers exploit that the users or developers do not know about. New attacks will persist and continue to get worse. The damage and consequences of malicious cyberattacks keep getting worse. The cost of cybercrime has been predicted to be $10.5 trillion by 2025 (Moore, 2024). Also, it is crucial to overcome zero-day attacks with quick patches to resolve the problem. It is critical for users to install the patches for the vulnerabilities so they are not open to exploit (Huang et al, 2021). These Wi-Fi vulnerabilities expose the risk of damage and loss if not properly fixed.
Next, unprotected data transmission allows attackers to access personal information. Data transfer in plaintext is easy for hackers to eavesdrop on, making encryption and proper authentication vital. WEP, WPA, and WPA2 are wireless encryption methods; however, they have been found vulnerable to attack. Man-in-the-middle attacks also put privacy at risk today since they are found among the top ten attacks for 2024 (Moore, 2024). Organizations worldwide face increasing concern for data breaches as threats grow. Everyone should verify that they are not using vulnerable encryption methods to help ensure privacy.
Man-in-the-middle (MitM) attacks permit hackers to comprise communication between users. Data encryption is vital so hackers can easily read communication between users. Hackers can achieve MitM attacks through ineffective authentication. For example, weak passwords and a lack of multiple authentication methods help attackers be able to obtain unauthorized access. Also, AP impersonation has been used to accomplish a MitM attack (Olenewa, 2014). DHCP spoofing, ARP Spoofing, and IPv6 Neighbor Spoofing are three ways that attackers have bypassed authentication. In DHCP spoofing, the attacker gives devices some malicious configuration to produce a “fake default gateway address or DNS address” (Vondráček et al, 2018). ARP Spoofing uses phony ARP messages to convince the device that the “attacking device’s MAC address is the default gateway’s MAC address” (Vondráček et al, 2018). IPv6 Neighbor Spoofing happens when a hacker gets access using the genuine user’s IP or MAC address. These various authorization attacks are just some ways hackers could gain authentication to accomplish a MitM attack.
WLANs use encryption methods to prevent others from obtaining personal information in plain text. Three methods to stop eavesdropping include WEP, WPA, and WPA2. Nevertheless, WEP, WPA, and WPA2 contain vulnerabilities. Wired Equivalent Privacy (WEP) is an old method that uses RC4 encryption for either 64-bit or 128-bit encryption (Olenewa, 2014). In 2005, WEP encryption could be broken in less than 2 minutes (Olenewa, 2014). Recently, simple cryptanalysis can break weak WEP keys within 30 seconds (Oriyano & Solomon, 2020). Thankfully, WEP is not used anymore.
Wi-Fi Protected Access (WPA) was designed to overcome the security vulnerabilities in WEP. For instance, WPA used a unique initialization vector (IV) for each client while WEP cycled them. However, WPA was not a permanent solution since it contained loopholes too. Developers designed WPA to be backward compatible with WEP devices which was originally beneficial for users. Unfortunately, attackers reuse elements from WEP systems to exploit known vulnerabilities (Fitzpatrick, 2016). For instance, attackers could use WPA to exploit known vulnerabilities in WEP through a downgrade attack.
Developers created WPA2 with increased security over its predecessor. The U.S. government created WPA2 with the advanced encryption standard (AES) and did not allow older hardware to be compatible (Olenewa, 2014). However, hackers discovered the “key reinstallation attack” (KRACK) vulnerability (Oriyano & Solomon, 2020). WPA2 uses a four-way handshake to authenticate. The endpoint sends an acknowledgment message once the key is received; otherwise, the AP will repeatedly send the install key (Fitzpatrick, 2016). In turn, hackers use that information to determine the encryption to access network data. WPA3 overcame some of the problems with WPA2; however, it too will be replaced in the future when vulnerabilities are found.
Third, IoT devices make easy access points for hackers since these devices can lack security protocols. Today, trends are being made to move everything to the internet. Banking, Shopping, and Paying Bills are often completed online. Now, TVs stream shows using the Internet, and most household appliances can be connected to the Internet. Countless users are unaware of how these devices can be access points for hackers. Users face security threats from around the world since the internet is worldwide.
IoT devices can act as rogue access points to gain access to the network. Rogue access points (RAP) are dangerous since hackers use them as access points to gain access to the network. A rogue access point uses AP impersonation over an 802.11 WLAN to create a connection (Olenewa, 2014). The hacker uses an Access Point to generate SSIDs to trick the IoT devices into connecting to the network (Yang, 2024). The IoT device can take control of the network by tricking the network into thinking that the hacker’s connection is legitimate. Hackers use the RAP to monitor traffic, gain private information, spread malware, and manipulate other devices on the network (Yang, 2024). Also, hackers from anywhere worldwide can send phishing emails to get users to click on and unintentionally download software that gives hackers access to their devices.
Bluetooth devices contain vulnerabilities. Bluetooth devices normally use the internet and are a vast array of IoT devices. Bluetooth devices provide a convenient method for wireless communication; however, they are vulnerable to numerous types of attacks. Devices in discovery mode are vulnerable to Bluejacking, Bluesnarfing, and Bluebugging (Oriyano & Solomon, 2020).
Bluejacking occurs when the attacker sends unwanted messages to a Bluetooth device. The hacker will scan for reachable Bluetooth devices and send them a message to add a device. The hacker becomes a trusted user in the victim’s address book if the recipient innocently accepts the message (Oriyano & Solomon, 2020). Bluejacking often annoys its victims by swamping them with spam messages, but Bluesnarfing is worse since the hacker achieves access to the user’s device.
Bluesnarfing gains control of devices to steal the user’s data and takes advantage of the list of trusted devices. Bluesnarfing can be accomplished by exploiting vulnerabilities in the Object Exchange (OBEX) protocol (Lonzetta, 2018 ). The OBEX File Transfer Protocol uses the upload and download application which gives hackers the ability to connect with the user’s device (Lonzetta, 2018 ). Bluesnarfing is done to breach the user’s data, stealing the user’s privacy. (Oriyano & Solomon, 2020).
Bluebugging happens when an unauthorized person obtains control of a Bluetooth device. Attackers could use the RFCOMMM protocol to connect with the L2CAP and base so that attackers can access the network without the user’s awareness (Lonzetta, 2018). Hackers take full control of devices in Bluebugging. For instance, hackers could use a person’s phone to start calls or deliver texts (Oriyano & Solomon, 2020). Bluebugging attacks use the OBEX, making it possible to add software remotely so that the hacker can install malware on the infected device.
IoT devices propose the threat of DDoS attacks. Devices are used as a tool to send many packets and can also be the target of DDoS attacks. In 2016, The Mirai malware exploited IoT devices using a list of 60 default usernames and passwords (Oriyano and Solomon, 2020). Also, attacks can use an IP spoofing attack to gain access to sending traffic to cause a DDoS attack, denying the user to operate the IoT device as intended (Fonseca et al, 2021). On the other hand, IoT can accomplish a DDoS attack using botnets. A botnet contains many IoT devices. These devices can use Wi-Fi to run flooding attacks, denying legitimate users access (Yang, 2024).
In conclusion, wireless networks contain an array of vulnerabilities. IoT devices can provide easy access points for hackers since these devices can lack security protocols. For instance, hackers have exploited Bluetooth devices left in discovery mode using Bluejacking, Bluesnarfing, and Bluebugging. Next, unprotected data transmission allows attackers to access personal information. For example, hackers intercept communication through a MitM attack and can exploit various encryption methods for transmitted data. Finally, attackers have abused Wi-Fi vulnerabilities through wardriving, evil twins attacking, Wi-Fi jamming, and IP spoofing. As stated previously, exposed vulnerabilities contain the risk of damage and loss if vulnerabilities are left open to attackers.
References
Bhushan, Sharma, Kumar, and Priyadarshin. (2023) “Security Attacks and Vulnerability Analysis in Mobile Wireless Networking.” 5G and Beyond. Springer.
Daldoul, Y. (2023). A Robust Certificate Management System to Prevent Evil Twin Attacks in IEEE 802.11 Networks. arXiv.Org. https://doi.org/10.48550/arxiv.2302.00338
Fitzpatrick, J. (2016, September 21). The difference between WEP, WPA, and WPA2 Wi-Fi passwords. How-to Geek. https://www.howtogeek.com/167783/htg-explains-the-difference-between-wep-wpa-and-wpa2-wireless-encryption-and-why-it-matters/
Fonseca, O., Cunha, I., Fazzion, E., Meira, W., Silva, B. A. da, Ferreira, R. A., & Katz-Bassett, E. (2021). Identifying Networks Vulnerable to IP Spoofing. IEEE eTransactions on Network and Service Management, 18(3), 3170–3183. https://doi.org/10.1109/TNSM.2021.3061486
Hilton, A., Hirschmann, J., & Deccio, C. (2022). Beware of IPs in Sheep’s Clothing: Measurement and Disclosure of IP Spoofing Vulnerabilities. IEEE/ACM Transactions on Networking, 30(4), 1659–1673. https://doi.org/10.1109/TNET.2022.3149011
Huang, Y., Zhu, F., Liu, L., Meng, W., Hu, S., Ye, R., & Lv, T. (2021). WNV-Detector: automated and scalable detection of wireless network vulnerabilities. EURASIP Journal on Wireless Communications and Networking, 2021(1), 1–21. https://doi.org/10.1186/s13638-021-01978-4
Lonzetta, A., Cope, P., Campbell, J., Mohd, B., & Hayajneh, T. (2018). Security Vulnerabilities in Bluetooth Technology as Used in IoT. Journal of Sensor and Actuator Networks, 7(3), 28-. https://doi.org/10.3390/jsan7030028
Moore, M. (2024, August 21). Top cybersecurity threats in 2024. University of San Diego Online Degrees. https://onlinedegrees.sandiego.edu/top-cyber-security-threats/
Olenewa, J. (2014). Guide to wireless communications. Course Technology/Cengage Learning.
Oriyano, S.-P., & Solomon, M. (2020). Hacker techniques, tools, and incident handling. Jones & Bartlett Learning.
Vondráček, M., Pluskal, J., & Ryšavý, O. (2018). Automated Man-in-the-Middle Attack Against Wi‑Fi Networks. The Journal of Digital Forensics, Security and Law, 13(1), 59–80. https://doi.org/10.15394/jdfsl.2018.1495
Yang, Z., Lu, Q., Zhang, H., Chen, F., & Xian, H. (2024). Eliminating Rogue Access Point Attacks in IoT: A Deep Learning Approach With Physical-Layer Feature Purification and Device Identification. IEEE Internet of Things Journal, 11(8), 14886–14900. https://doi.org/10.1109/JIOT.2023.3345378 Zhu, R., Li, T., & Hu, A. (2022). Efficient jamming attacks in Wi-Fi networks based on legacy short training field. Journal of Physics. Conference Series, 2352(1), 12006-. https://doi.org/10.1088/1742-6596/2352/1/012006