ICT107_Session2A

Module Overview

  • College: Stanley College

  • Course: Data Cyber Security

  • Module: Wireless Network Security

Learning Objectives

  • Demonstrate broad knowledge of ICT, focusing on select areas.

  • Communicate effectively with various stakeholders.

  • Self-manage and reflect on personal development.

  • Respond ethically to issues in ICT.

  • Critically analyze ICT knowledge.

  • Solve problems with creativity and intellectual independence.

Specific Learning Outcomes

  1. Explain cyber risk landscape in business and society.

  2. Identify and classify cyber threats and vulnerabilities.

  3. Analyze enterprise cyber-hygiene and maturity best practices.

Module Objectives

  • Describe types of wireless network attacks.

  • List vulnerabilities of WLAN security.

  • Explain solutions for securing wireless networks.

Types of Wireless Attacks

  • Bluetooth Attacks

  • Near Field Communication (NFC) Attacks

  • Radio Frequency Identification (RFID) Attacks

  • Wireless Local Area Network (WLAN) Attacks

Bluetooth Attacks

  • Overview:

    • Uses RF transmissions for short-range communication.

    • Involves a network topology called a piconet, with one leader and followers.

Attack Types

  1. Bluejacking

    • Sends unsolicited messages to devices (annoying, not harmful).

  2. Bluesnarfing

    • Gains unauthorized access to information from a Bluetooth device.

NFC Attacks

  • Overview:

    • Standards for communication between devices in close proximity (within 4 cm).

    • Active devices can read and transmit data; passive devices can only be read.

Uses of NFC

  • Contactless payments, automobile, entertainment, and retail.

RFID Attacks

  • Overview:

    • Transfers data using tags (usually passive) read by proximity readers.

Attack Types

  • Unauthorized Access

    • Rogue readers track inventory, exploiting sales information.

  • Fake Tags

    • Authentic tags replaced with false data.

  • Eavesdropping

    • Unauthorised users intercept communications.

WLAN Attacks

  • Overview:

    • WLANs are susceptible to various attacks targeting enterprise and home users.

  • Types of WLAN attacks include rogue access points, evil twins, data interception, and denial of service.

WLAN Security Vulnerabilities

  • Initial protections from the IEEE 802.11 standard showed vulnerabilities.

Key Protocols and Solutions

  • Wired Equivalent Privacy (WEP):

    • Uses shared key for encryption but vulnerable due to short IV length.

  • Wi-Fi Protected Access (WPA):

    • Introduces enhanced security features over WEP.

  • Wi-Fi Protected Access 2 (WPA2):

    • Provides robust encryption and authentication methods (AES-CCMP).

  • Wi-Fi Protected Access 3 (WPA3):

    • Enhances security with improved handshake and individual data encryption.

Additional Security Considerations

  • Installation and configuration best practices.

  • Rogue access point detection is crucial for network security.

Summary

  • WLANs & Bluetooth/NFC are frequently targeted by attackers.

  • Existing protocols like WEP and WPA/WPA2 have varying levels of security.

  • Control measures include MAC filtering, rogue AP detection, and effective configuration of access points.