Cyber Security Wi-Fi Attacks

This page focuses on the unique security threats that target wireless (Wi-Fi) networks. It explains that because Wi-Fi broadcasts data through the air using radio waves, it is inherently more vulnerable than a wired network. The page covers common attack methods that exploit these vulnerabilities to eavesdrop on communications, steal data, and gain unauthorized network access.

Key Learning Points Overview

The page categorizes Wi-Fi attacks based on their goals and methods, from passive listening to active manipulation.

1. Packet Sniffing (Eavesdropping)

• What it is: The passive interception of data packets as they are transmitted over a Wi-Fi network.
• How it works: An attacker uses software (like Wireshark) and a wireless network adapter to monitor all wireless traffic within range. On an unencrypted network, this data can be read in plain text.
• Impact: Stealing unencrypted login credentials, personal information, and any other data sent over the network.
• Key Insight: This is a passive attack, making it very difficult to detect.

2. Rogue Access Points (Evil Twin Attacks)

• What it is: A malicious Wi-Fi access point set up by an attacker that masquerades as a legitimate one.
• How it works:
  • The attacker creates a Wi-Fi network with a similar or identical name (SSID) to a trusted network (e.g., “CafeFreeWiFi” vs. “CafeFreeWiFi”).
  • They may use a stronger signal to trick devices into automatically connecting to it.
  • Once a victim connects, all their internet traffic passes through the attacker’s system.
• Impact:
  • Man-in-the-Middle (MitM): The attacker can intercept, monitor, and modify all communication.
  • Credential Harvesting: Capturing usernames and passwords.
  • Malware Distribution: Injecting malicious software into the victim’s traffic.

3. Wi-Fi Password Cracking

• What it is: Gaining unauthorized access to a protected Wi-Fi network by discovering the password.
• How it works: Attackers target the security protocols used to protect Wi-Fi:
  • WEP (Wired Equivalent Privacy): Deeply flawed and can be cracked in minutes with readily available tools. It is not secure.
  • WPA/WPA2 (Wi-Fi Protected Access): More secure, but can be vulnerable to brute-force or dictionary attacks if a weak password is used. This involves capturing a “handshake” (the initial connection data between a device and the router) and then systematically trying millions of password combinations against it offline.
• Impact: Gaining full access to the network, allowing for further attacks.

4. Other Attacks Mentioned

• Deauthentication Attack: A denial-of-service attack that forcibly disconnects a device from a Wi-Fi network by sending spoofed “deauth” frames. This can be used to disrupt service or to capture a new WPA handshake when the device reconnects.
• KRACK (Key Reinstallation Attacks): A vulnerability in the WPA2 protocol itself that allows attackers to intercept and decrypt data under certain conditions. This highlights the need to keep router firmware updated.

5. The Cybersecurity Connection: Risks and Consequences

The page explains the severe implications of a successful Wi-Fi attack:

• Data Theft: Personal files, emails, and financial information can be stolen.
• Identity Theft: Using captured credentials to impersonate the victim.
• Malware Infection: Installing ransomware, spyware, or other malicious software.
• Legal Liability: If an attacker uses your compromised network for illegal activities, you could be held responsible.
• Loss of Privacy: An attacker can see every website you visit.

Study Material & Learning Plan

Here’s a structured plan to master the concepts of Wi-Fi security.

Phase 1: Understand the Concepts (Foundation)

1. Goal: Grasp the fundamental vulnerabilities of wireless networks and the different types of attacks.
2. Action: Read the page carefully. Pay attention to the difference between passive (sniffing) and active (rogue AP, deauth) attacks.
3. Self-Check Questions:
   • Why is a wireless network inherently less secure than a wired one?
   • What is the main difference between a Packet Sniffing attack and a Rogue Access Point attack?
   • Why is WEP considered completely insecure?

Phase 2: Connect Attacks to Defenses (Analytical Thinking)

1. Goal: For each attack, identify the primary mitigation strategy.
2. Action: Create a table with two columns: Wi-Fi Attack and Primary Defense.
   • Example Rows:
     • Attack: Packet Sniffing -> Defense: Use WPA3 or strong WPA2 encryption. Always use HTTPS websites.
     • Attack: Rogue Access Point -> Defense: Verify the official SSID with staff, use a VPN to encrypt all traffic, and don’t auto-connect to open networks.
     • Attack: Password Cracking -> Defense: Use a long, complex, and unique Wi-Fi password (passphrase). Disable WPS (Wi-Fi Protected Setup) if possible.
     • Attack: General Threats -> Defense: Keep your router’s firmware updated to patch known vulnerabilities like KRACK.

Phase 3: Practical Observation & Safe Habits (Awareness)

1. Goal: Develop safe Wi-Fi practices and learn to recognize threats.
2. Actions:
   • Check Your Router: Log into your home router and verify it is using WPA2 or preferably WPA3 security. Ensure a strong password is set.
   • Public Wi-Fi Hygiene: When using public Wi-Fi, always assume someone is listening. Use a VPN to create a secure, encrypted tunnel for all your data.
   • Observe Networks: Look at the list of available Wi-Fi networks in a public place. Can you spot any with suspicious or duplicate names that might be rogue APs?

Phase 4: Defensive Thinking & Configuration

1. Goal: Understand how to harden a Wi-Fi network.
2. Actions:
   • Research Best Practices: Look up guides on securing a home router. Key steps include:
     • Changing the default administrator password.
     • Disabling WPS.
     • Enabling the router’s firewall.
     • Hiding the SSID (a minor obfuscation, not a real security measure).
   • Understand VPNs: Research how a Virtual Private Network (VPN) works and why it is the single most important tool for security on untrusted networks.