Question

The world of wireless and mobile devices is evolving day-to-day, with many individuals relying solely on their wireless devices in the workplace and in the home. The growing use of mobile devices demands that organizations become more educated in securing this growing technology and determining how to best protect their assets.

Explore and discuss the risk assessments, threats, and vulnerabilities of wireless networks, and mobile device security as well as the security measures that should be put in place to mitigate breaches.

Answer 1

There are several threats associated with wireless networks. Following four contribute most of the vulnerabilities and threats:

1. Rogue Access Points/Ad-Hoc Networks-

Attackers use the methods of targeting wireless LANS is to setup a rogue access point that is within the range of the existing wireless LAN. Some of the legitimate devices is to fool in associating to this access point over the legitimate access points.

For effectiveness, this type of attack requires physical access; this is for the reason if a user links with a rogue access point then is not able to perform any of their normal duties the vulnerability will be short lived and not that effective. If an attacker is able to gain access to a physical port on a company network and then hook the access point into this port, it is possible to get devices to associate with the rogue access point and capture data through it for an extended period of time. The exception to this is when the wireless LAN being targeted only provides Internet access; it is much easier for a rogue access point to offer simple Internet access and leave the user unaware of their vulnerability for an extended amount of time.

On the same idea of rogue access points is unauthorized access points (not malicious) and unauthorized ad-hoc networks. In these situations, a legitimate user sets up an access point or ad-hoc network for their use but does not implement proper security techniques which provides an opening for watching attackers.

2. Denial of Service-

Anybody familiar with network security is aware of the concept of denial of service (DoS). It is one of the simplest network attacks to perpetrate because it only requires restrained access to services. This can be done by sending a large amount of traffic at a specific target location. Of course, the quantity of traffic required to affect a target device can be much higher than the capabilities of a single server.

However, the flooding of traffic is not the only way to limit access to services; for wireless networks it can be much easier as the signal can be interfered with through a number of different techniques. When a wireless LAN is using the 2.4 GHz band, interference can be caused by something as simple as a microwave oven or a competing access point on the same channel. Because the 2.4 GHz band is limited to only 3 non-overlapping channels (U.S.), an attacker just needs to cause enough interference into these three channels to cause service interruption.

A denial of service attack can also be used in conjunction with a rogue access point. For example, a rogue access point could be setup in a channel not used by the legitimate access point and then a denial of service attack could be launched at the channel currently being used causing endpoint devices to try to re-associate onto a different channel which is used by the rogue access point.

3. Configuration Problems-

Simple configuration problems are the cause of vulnerabilities, the reason is that many consumer/SOHO grade access points ship with no security configuration. A new user can install one of these devices quickly and gain authorization. Moreover they open up their network to external use without further configuration too.

Other potential issues with configuration are weak passphrases, weak security deployments (i.e. WEP versus WPA versus WPA2), and default SSID usage among others.

4. Passive Capturing-

This is done by getting within range of a target wireless LAN and then listening and capturing to data. The data can be used for a number of things which includes performing to break existing security settings and thinking critically on unsecured traffic. It is not possible to prevent this type of attack because of some features of a wireless network; what can be done is to implement quality security standards using complex parameters.

Please do give a thumbs up, if you like our answer.