We live in a digitalised world. This digital world uses wireless technologies, be it Internet connection, Cellular data, Bluetooth and etc. Wireless networking is revolutionising the world. For example, the way people work and play, traditional processes cease to exist (e.g. telephone lines). The removal of the physical connections or cables, individuals will be able to use networks, gain internet access or access to devices in newer ways. This makes data portable, mobile and accessible. A wireless network is an unbounded data communication system that uses radio frequency technology to communicate with devices and obtain data. This network frees the user from complicated and multiple wired connections. It uses electromagnetic waves to interconnect two individual points without establishing any physical connection between them.
Wireless Network Concepts
In a wireless network, data is transmitted by means of electromagnetic waves to carry signals over the communication path. There are a few terminologies that we associate with wireless network
Such examples are:
Industrial, Scientific, and Medical ( ISM ) Band: A set of frequencies defined by the ITU Radio Regulations. These were set aside for RF use for purposes other than telecommunications. However using ISM Bands for telecommunications is still possible.
Access Point ( AP ) : An access point is used to connect wireless devices to a network, regardless of whether the network is wired or wireless. For examples, an access point allows wireless communication devices to connect to a wireless network through wireless standards such as Bluetooth and Wi-Fi. An AP is attached to a router or modem. It generates the Wi-Fi signal your device attaches to — allowing you connect wireless to the internet. If you didn’t have a wireless access point either separate or built into your modem or router you would only be able to connect to the internet via an ethernet cable.
In case you are confused if a Modem is an access point, you may read more here: https://blog.ct-networks.io/what-s-the-difference-between-a-modem-a-router-and-an-access-point-64f2a2865721
Modem : A box like structure that actually connects to the phone line or whatever physical line you have. It normally has at least an ethernet connection, sometimes a USB as well. It is the part that allows the transfer of data over the phone line.
Bandwidth : It describes the amount of information that may be broadcasted over a connection. Usually, bandwidth refers to the data transfer rate. The unit of measuring the bandwidth is bits per second ( Amount of data per second ).
Service Set Identifier ( SSID ) : SSID is an unique identifier that consist of 32 alphanumeric character given to a wireless local area network (WLAN) that acts as a wireless identifier on the network. The SSID permits connections to the required network among an available independent network. Devices connecting to the same WLAN should use the same SSID to establish the connection.
Advantages and Disadvantages of Wireless Networks
In wireless networks, transmission takes place through radio wave transmission. This usually occurs at the physical layer of the network structure. Wireless network are wireless local area networks based on the IEEE 802.11 standard where it allows devices to access the network from anywhere within range of an access point. It is a widely used technology in wireless communication across a radio channel. It also sets up numerous ways to build a connection between the transmitter and the receiver (e.g. infrared signals).
Examples of devices that uses wireless network to connect to a network are:
Personal Computer
Video-Game Consoles (Playstation, Xbox, Nintendo Switch)
Smartphones
Advantages
——> Installation is fast and easy as it eliminates wiring through walls and ceilings. Be it in an office or a home environment
——> Easier to provide connectivity in areas where it is difficult to lay cable
——> Access to the network can be from anywhere within range of an access point
——> Public places like airports, libraries, schools or similar public places can offer you connections to public wireless networks
Disadvantages
——> Security is a big issue as wireless networks are easier to penetrate
——> Bandwidth will suffers as the number of users/devices connected to the network increases
——> Exceeding recommended capacity which results in severe inconsistencies in a network require new wireless network enhancements such as new wireless cards and access points.
——> Electronic equipment can interfere with wireless networks that can cause infiltration to be much easier
How to defend against wireless attacks?
Configuration:
Change the default SSID after WLAN Configuration
Set router access password with a requirement of (at least 8 characters with 1 lowercase, 1 uppercase, 1 numeric and 1 special character)
Enable Firewall protection
Disable SSID broadcasts
Disable remote router logins and wireless administration
Enable MAC Address filtering on your access point or router
Enable encryption on access point and change passwords frequently.
Authentication:
Choose Wi-Fi protected Access ( WPA ) instead of WEP
Implement WPA2 Enterprise whenever/wherever possible
Disable the network when not required
Place wireless access points in a secured location
Keep drivers on all wireless equipment updated
Use a centralized server for authentication
Requirements for SSID settings
Use SSID cloaking to keep certain default wireless messages from broadcasting the ID to everyone
Do not use your company name, personal name or any easily identified names as your SSIDs and network passwords.
Place a firewall or packet filter in between Access Points (AP) and Corporate Intranet
Limit the strength of the wireless network so it cannot be detected outside the bounds of your organisation
Check wireless devices in the network, network configurations and setup regularly
Implement additional technique for encrypting traffic, such as IPSec over wireless
Wireless Penetration Testing
Wireless penetration testing is a process of actively evaluating information security measures implemented in a wireless network to analyze design weaknesses, technical flaws and vulnerabilities. A comprehensive detailed report about the findings along with the suite of recommended countermeasures is delivered to executive, management and technical stakeholders.
Objectives:
Threat Assessment: Identify threats facing an organization’s information assets
Upgrading Infrastructure: Change/Upgrade existing infrastructure of software, hardware, or network design
Security control Auditing: To test and validate efficiency of wireless security protections and controls.
Data Theft Detection: Find streams of sensitive data by sniffing the traffic
Information System Management: Collect information of security protocols, network strength and connected devices
Risk Prevention and Response: Provide comprehensive approach of preparation steps that can be taken to prevent inevitable exploitation
The penetration tester will then document all their findings to help determine what is the next course of action.
Quadrant360 offers specialised Wireless Networks penetration Testing and Consulting services, so do contact us at +65-31383788 or click here to email us at enquiry@quadrant360.com for more information
Summary
A wireless network infrastructure generally consists of hardware components such as wireless routers and access points, antennas and etc. These hardware components will work hand-in-hand with software components such as encryption algorithms, key management and etc to form a comprehensive wireless network. Wireless networks are vulnerable to various access control, integrity, confidentiality, availability and authentication attacks. There can be countermeasures in place, but it does not make the network impregnable. Thus, I will call these best practices to lower the risks of such cyber attacks instead of countermeasures.