Radio Frequency Jamming (38.4.3)
Wireless signals are susceptible to electromagnetic interference (EMI), radio frequency interference (RFI), and even lightning strikes or noise from fluorescent lights.
Attackers can take advantage of this fact by deliberately jamming the transmission of a radio or satellite station to prevent a wireless signal from reaching the receiving station.
To successfully jam the signal, the frequency, modulation, and power of the RF jammer need to be equal to those of the device that the attacker is seeking to disrupt.
Bluejacking and Bluesnarfing (38.4.4)
Bluetooth is a short-range, low-power protocol that transmits data in a personal area network (PAN) and uses pairing to establish a relationship between devices such as mobiles, laptops, and printers. Cybercriminals have discovered ways to exploit the vulnerabilities between these connections.
Due to the limited range of Bluetooth, an attacker must be within range of their target. Here are some ways that they can exploit a target’s device without their knowledge.
Bluejacking
Bluejacking uses wireless Bluetooth technology to send unauthorized messages or shocking images to another Bluetooth device.
Bluesnarfing
Bluesnarfing occurs when an attacker copies information, such as emails and contact lists, from a target’s device using a Bluetooth connection.
Attacks Against Wi-Fi Protocols (38.4.5)
Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA) are security protocols that were designed to secure wireless networks.
WEP was developed to provide data transmitted over a wireless local area network (WLAN) with a level of protection comparable to what is usually expected of a traditional wired network. It added security to wireless networks by encrypting the data.
WEP used a key for encryption. The problem, however, was that WEP had no provision for key management, so the number of people sharing the same key continually grew, giving criminals access to a large amount of traffic data. Furthermore, WEP’s initialization vector (IV), one of the key components of its encryption key, was too small, readable, and static.
To address this and replace WEP, WPA and then WPA2 were developed as improved security protocols. Unlike with WEP, an attacker cannot recover WPA2’s encryption key by observing network traffic. However, they can still use a packet sniffer to analyze the packets going between an access point and a legitimate user.
Wi-Fi and Mobile Defense (38.4.6)
There are several measures that organizations and users need to implement to defend against wireless and mobile device attacks. These include the following:
- Take advantage of basic wireless security features such as authentication and encryption by changing the default configuration settings.
- Restrict access point placement by placing these devices outside the firewall or within a demilitarized zone, which is a perimeter network that protects an organization’s LAN from untrusted devices.
- Use WLAN tools such as NetStumbler to detect rogue access points or unauthorized workstations.
- Develop a policy for secure guest access to an organization’s Wi-Fi network.
- Employees in an organization should use a remote-access VPN for WLAN access when on public Wi-Fi networks.
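As an added example (not part of the original course text), the rogue access point check from the list above can be expressed as a comparison of scan results against an inventory of authorized access points. The record format, SSIDs, and BSSIDs are constructed for illustration and do not reflect the output of any particular tool.

```python
# Added example: audit WLAN scan results against an inventory of authorized APs.
# Every SSID, BSSID, and scan record here is constructed sample data.

# BSSID (access point radio MAC) -> SSID that AP is approved to broadcast
AUTHORIZED = {
    "00:11:22:aa:bb:01": "CorpNet",
    "00:11:22:aa:bb:02": "CorpNet",
    "00:11:22:aa:bb:10": "CorpGuest",
}
WEAK_SECURITY = {"OPEN", "WEP"}  # settings an approved AP should never advertise

SCAN = [  # hypothetical record format, not any specific tool's output
    {"bssid": "00:11:22:AA:BB:01", "ssid": "CorpNet", "security": "WPA2"},
    {"bssid": "00:11:22:AA:BB:02", "ssid": "CorpNet", "security": "WEP"},
    {"bssid": "02:00:00:00:00:99", "ssid": "CorpNet", "security": "OPEN"},
    {"bssid": "02:00:00:00:00:42", "ssid": "CoffeeShop", "security": "OPEN"},
    {"bssid": "00:11:22:AA:BB:10", "ssid": "CorpGuest", "security": "WPA2"},
]


def audit_scan(scan, authorized=AUTHORIZED):
    """Return (bssid, finding, detail) tuples for APs that need follow-up."""
    managed_ssids = set(authorized.values())
    findings = []
    for ap in scan:
        bssid = ap["bssid"].lower()  # MAC case varies between tools
        ssid, security = ap["ssid"], ap["security"].upper()
        expected = authorized.get(bssid)
        if expected is None:
            # Unknown radio: only a concern if it advertises one of our SSIDs.
            if ssid in managed_ssids:
                findings.append((bssid, "rogue-ap",
                                 f"unlisted BSSID broadcasting managed SSID {ssid!r}"))
            continue
        if ssid != expected:
            findings.append((bssid, "ssid-mismatch",
                             f"approved for {expected!r}, seen as {ssid!r}"))
        if security in WEAK_SECURITY:
            findings.append((bssid, "weak-security",
                             f"approved AP advertising {security}"))
    return findings


if __name__ == "__main__":
    for bssid, finding, detail in audit_scan(SCAN):
        print(f"{finding:14} {bssid}  {detail}")
```

Neighboring networks that do not use a managed SSID are ignored, which keeps the report limited to access points the organization can act on.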
Check Your Understanding—Wireless and Mobile Device Attacks (38.4.7)
Refer to the online course to complete this activity.