This week in my Ethical Hacking and
Response class we will be presenting a group project and the topic of
discussion is Wireless Hacking. I thought it would be a good topic for my blog
post this week. First off I would like to throw in a breach that happened back
in 2006.
TJX Companies: 2006. 94 million credit
cards exposed. Hackers took advantage of a weak data encryption system and
stole credit card data during a wireless transfer between two Marshalls stores
in Miami, Fla.
“After the TJX breach came to light,
one of the questions posed by security experts was: Why are businesses still
using WEP?” (Schwartz, 2011 – darkreading)
Let’s briefly touch on a few areas where wireless technology is used:
Voice Communications – cellphones
Remote Control and Monitoring – TV remotes, garage openers, wireless dog fences (cruel), infrared sensors, surveillance videos, heart rate monitors
Remote Measurement and Wireless Sensing – utility companies can now remotely read your meter
Item Tracking – think Radio Frequency IDentification (RFID) tags
Entertainment – wireless speakers, headphones, microphones, home theatres
Navigation and Location – Global Positioning Systems (GPS)
Quality Control and Risk Management
Networking – PAN, LAN, WAN, cellular networks
Energy Management and Wireless Power Transfer – charging docks
Wireless technology has come a long way
and it is freeing existing good ideas from the constraint of wires and, at the
same time, enabling an emergence of new ideas and applications that weren't
possible before. The list above
shows that wireless has played a major role in advancing some technologies that
are now part and parcel of our day to day lives, but just like with every good
thing, there seems to always be some cons.
“The wireless security market has matured
significantly in the past several years, but still many organizations remain
vulnerable to attacks, either through legacy protocols with well-published
deficiencies, or through new threats that are not adequately addressed”
– Joshua Wright, SANS
The biggest flaw in wireless networks is the hardware that is used: the
routers, modems, etc. A common attack vector for wireless communication is
the wireless driver attack. In this type of attack, rather than going after
the wireless networks themselves, an attacker chooses the path of least
resistance by going after the hardware. Exploitable vulnerabilities have been
discovered in wireless drivers from all major wireless card manufacturers.
When I looked up the word "wireless" in the NVD (National Vulnerability
Database), it returned 359 matching records.
So how do we secure wireless communication?
The answer is a combination of a strong encryption method and a strong
key/password.
The key encryption methods are as follows:
WEP (Wired Equivalent Privacy) – In this system, the same shared key is used for both authentication and encryption. With the shared key, an attacker can decrypt frames or pose as a legitimate user. WEP can be easily broken and is no longer recommended.
WPA + TKIP (Wi-Fi Protected Access + Temporal Key Integrity Protocol) – WPA with TKIP was meant to replace WEP, but it is now considered insecure. TKIP uses the RC4 stream encryption algorithm as its basis and encrypts each data packet with a unique encryption key, and the keys are much stronger than those of WEP.
WPA + TKIP/AES (Wi-Fi Protected Access + Temporal Key Integrity Protocol / Advanced Encryption Standard) – AES is a symmetric-key algorithm (the same key is used for encryption and decryption). AES is considered secure and is used by many government agencies. In this encryption method, TKIP provides compatibility with legacy devices that don’t support AES, but this also opens the network up to attacks, since the low-hanging fruit always gets hit first.
WPA + AES – This one just removes the TKIP portion, so it’s safer than the previous option.
WPA2 + AES – This is the most secure and should be used in wireless communication setups. It utilizes keys that are 64 hexadecimal digits long. Note that this method can be cracked too, but it would take so long that the incentive to actually commit resources to this ‘mission’ may not be there for most wireless networks. There are other avenues of breaching your network that are less time-consuming, like sending a phishing email.
Summary
Wireless communication has benefited a lot of people and is helping make life
easier, and with the growing trend toward the Internet of Things, it is not
going anywhere, despite some of the weaknesses associated with it. As users,
we should always be vigilant of our surroundings (beware of ‘free/open’
networks), and when setting up wireless networks we should adhere to security
best practices by using the most secure encryption method (WPA2/AES) and
making sure that the key/password is strong enough. Also make sure that
defaults are changed. If a device is left on its default settings, finding
its credentials is as simple as opening a browser and typing in ‘router
passwords’, which presents a list of the default user names and passwords for
all kinds of router makes and models.
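As an added example (not part of the original post), the three checks above can be run against an access-point configuration: encryption method, key/password strength, and unchanged defaults. The config dict layout, the weak-passphrase sample and the 12-character threshold are assumptions made for illustration; `derive_psk` shows where the 64 hexadecimal digits of a WPA2 key come from.

```python
import hashlib

# Encryption methods in the order the post lists them, weakest first.
MODE_RANK = {"WEP": 0, "WPA+TKIP": 1, "WPA+TKIP/AES": 2, "WPA+AES": 3, "WPA2+AES": 4}

# Constructed sample of weak passphrases; a real audit would load a wordlist.
WEAK_PASSPHRASES = {"password", "12345678", "admin123", "qwertyuiop"}
MIN_LENGTH = 12  # assumed policy threshold, not a value from the post


def derive_psk(passphrase, ssid):
    """WPA/WPA2-Personal key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 256 bits."""
    raw = hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)
    return raw.hex()  # 32 bytes -> the 64 hexadecimal digits mentioned above


def audit(ap):
    """Return findings for one access-point config (dict layout is hypothetical)."""
    findings = []
    mode = ap["mode"]
    if mode not in MODE_RANK:
        findings.append(f"unknown encryption method {mode!r}")
    elif MODE_RANK[mode] < MODE_RANK["WPA2+AES"]:
        findings.append(f"{mode} is weaker than WPA2+AES")
    pw = ap["passphrase"]
    if not 8 <= len(pw) <= 63:
        findings.append("WPA/WPA2 passphrases must be 8-63 characters")
    elif pw.lower() in WEAK_PASSPHRASES or len(pw) < MIN_LENGTH or len(set(pw)) < 6:
        findings.append("passphrase is short, repetitive or commonly used")
    if ap["admin_login"] == ap["factory_login"]:
        findings.append("router admin login is still the factory default")
    return findings


# Constructed sample configs, not taken from any real network.
SAMPLES = [
    {"ssid": "StoreWiFi", "mode": "WPA+TKIP", "passphrase": "12345678",
     "admin_login": ("admin", "admin"), "factory_login": ("admin", "admin")},
    {"ssid": "HomeNet", "mode": "WPA2+AES", "passphrase": "violet-Kettle-92-marsh",
     "admin_login": ("owner", "long-unique-admin-secret"),
     "factory_login": ("admin", "admin")},
]

if __name__ == "__main__":
    for ap in SAMPLES:
        print(ap["ssid"], derive_psk(ap["passphrase"], ap["ssid"])[:8] + "...", audit(ap))
```

Because the SSID is the salt, the same passphrase yields a different key on every network name, which is one more reason to change a factory-default SSID.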
Stay safe while you connect!