Wireless Weakness and Solutions
Wireless network accessibility is increasingly being deployed in offices, public areas and at home. The technology has grown over the years moving from radio communication, as it was the case during the Second World War to wider forms of technologies that require data transmission in mobile environments such as GSM (A-L 196). The birth of the internet has invariably brought changes to the use of wireless technology, proliferating novel ways that allow users to connect to local area networks (LAN) and related infrastructure through access points without wiring (Rassam, Maarof & Zainal 1386). Even more is that with wireless technologies and networking, many advantages accrue to consumers of these technologies such as improvement in productivity due to increased ease of access to information resources (Choi et al. 77). Moreover, configuring and reconfiguring wireless network is relatively easy, fast and inexpensive, perhaps the more reason for its phenomenal popularity. Moreover, advancements in the area of wireless technology has made the adoption of the technology widespread through other sophisticated means in fields such as health, military applications, control and tracking applications in addition to environment and habitat monitoring applications (Rassam, Maarof & Zainal 1386). The widespread deployment of wireless technology however means that its weaknesses such as propensity for attacks, outages and security concerns are all transferred to consumers who adopt this technology. Just as there are many ways of wireless technology deployment, so are there many weaknesses to these technological deployments. The good news however, is that there are also possible solutions to the security and outage problems, among other weaknesses of wireless technology.
Among the reasons for increased utilization of wireless technology, include advances in delivery. The technology has come a long way from its use in the Second World War for communication, to GSM (A-L 196). Today, there are even better advances in the technology, such as 3G, 4G and the soon-to-be-unveiled 5G wireless technology. Wireless broadband deployed through Wi-Fi and other technologies such as WiMAX provide an even wider range for wireless networking technology. The advances have further reduced the price for acquisition of these technologies, while at the same time improving the technological performance.
The advances have pushed the increases uptake of wireless technology, particularly Wi-Fi, which currently provides the standard for most wireless local area networking (WLAN). The adoption of Wi-Fi has been particularly forthcoming due to the performance of the technology (its speed is nearly comparable to Ethernet). Perhaps what makes Wi-Fi more comparable to Ethernet is its initial design/creation. Indeed, Wi-Fi’s creation was to make it operate as a wireless Ethernet (Leon 88). The technology is therefore an open-standard enabling wireless connectivity between equipment and a LAN. For public access, Wi-Fi services provide LAN over short distances (50-150 meters). The services in this case have a connection to a domestic database, thereby providing connections to the client through kiosks or portable devices.
WLAN currently extends to the provision of internet access, and is indeed one of the most contemporary trends. Part of the enabling factors for the adoption of the trend is advancement in internet access technology and bandwidth speeds. 3G and 4G, as well as high-speed broadband delivered over new technologies such as WiMAX and Long Term Evolution (LTE) provide access and convenience to consumers, who have gladly taken up wireless networks. Even more is the convenience and performance presented by WLAN. WLAN requires no wiring and offers performance of 50-200 times faster than the old dial-up connection and cellular data access. Within the 50-150 meter radius, WLAN guarantees speeds in the range of 1.6 to 11 Mbps, with newer technologies such as WiMAX and LTE promising speeds of up to 100 Mbps (Segan n.p.).
For operation, WLAN runs within the unlicensed 2.4 GHz and 5 GHz spectrum. The 2.4 Ghz spectrum is currently crowded, having an allocation for many other purposes apart from the WLAN service. The 5 GHz spectrum on the other hand, is much larger, and therefore provides for the higher speeds, greater reliability and even better throughput for the new wireless technology (Segan n.p.). Moreover, with the drop in the price of most Wi-Fi chips, the technology is virtually in all electronic devices with computing capabilities. Most computers, laptops, smartphones, printers and even home appliances such as refrigerators come fitted with Wi-Fi radio chips, making the technology more convenient for internet connection (Choi et al. 78). Additionally, automobiles, game devices, MP3 players (such as Apple’s iPod), smart watches among many other devices spot Wi-Fi chips for internet connection and sharing of information from one source to another.
For WLAN to work, it requires hardware that deploys the signal transmitted to other equipment within the networks. The hardware in this case is the Access Point (AP). The AP allows the aforementioned devices to connect to the WLAN, providing a connection between the wired and wireless devices (Choi et al. 78). The access points therefore provide hotspots for the connections allowing users, to access the internet within the hotspot radius (A-L 196). For only specified users to enjoy the wireless network services, however, it is sometimes necessary to setup passwords/keys that allow only users with the passwords to gain access to the network. There are however, public open networks in restaurants, hotels and parks that allow free access to the network without the necessity of keying in password or passkeys (A-L 196).
Closely related to Wi-Fi is Bluetooth technology, a short-range, low powered technology integrated into devices, such as computers, cell phones and other computational peripherals including printers, headsets and mice among other household appliances. The mechanism of Bluetooth provides a similar connection with Wi-Fi, although over a short distance. Therefore, Bluetooth can in fact provide wireless LAN services just like Wi-Fi (Jakobsson and Wetzel 176).
Bluetooth provides a link between two devices with an optional pre-shared key verification and encryption. Through the authentication process, the connected devices can share resources or network via the wireless field created by the connection. The technology has been used for local wireless communication on devices such as cell phones, wireless headsets and printers, allowing the communication of these devices with each other when in close proximity (Jakobsson and Wetzel 176). Among the advantages of using this technology has been the freedom in hands-free communication as well as stress-free synchronization of different devices. With the introduction of Near Field Communication, Bluetooth comes in handy for connecting phones to mobile wallets and therefore making purchases. Further is that Bluetooth “allows for new types of designs, such as phones connected to wireless headsets; phones connected to the emergency systems of cars; computers connected to printers without costly and un-aesthetical cords” (Jakobsson and Wetzel 177).
Although the two forms of wireless technologies present opportunity and possibilities for the users, they can also provide leeway for other harmful uses. Hackers and people with malicious intention can easily manipulate these wireless technologies to their own advantage, and to the harm of others, through vulnerabilities/weaknesses in security protocols of these technologies (Jakobsson and Wetzel 177). Both WLAN and Bluetooth have vulnerabilities within their construction that make them possible to intrude with the right expertise and tools. Furthermore, WLAN specifically has vulnerabilities within its protocols that make it easily accessible by hackers and other people who may mean harm to the users, sniffing for information or using the network to do illegal activities or launch attacks to other networks and systems within the targeted networks.
One weakness of WLAN is the possibility of rogue APs, which can be either internal or external. Internal rogue APs are usually enjoined to the wired network by an unlicensed handler, without the knowledge of the IT professional (Timofte 129). This rogue AP then acts as a gateway for the unauthorized user who can then easily gain access to the network without his/her physical presence within the organization’s perimeter. Through the AP therefore, the user can easily modify, steal or access both private and corporate data from the organization, using them for his/her own selfish benefit.
An external rogue AP on the other hand, does not have any connection to the wired infrastructure of the organization. On the contrary, this AP imitates a legitimate AP within the network (Timofte 129). The attacker then sets up the rogue AP’s SSID (Session Set ID) to look the same as a legitimate AP, increasing the signal of the rogue AP (Library Technology Reports 21). The purpose for increasing the rogue AP’s signal is to attract traffic to the rogue AP, given that most users are likely to connect to the strongest AP, without counterchecking the source as either legitimate or false (Ng, Sim and Tan 140). With clients connecting to the rogue AP, the attacker can then launch further attacks including obtaining credentials and data mining from the users’ connected to the rogue AP (Timofte 129).
There is also a potential for devices to make accidental associations with other wireless networks. This happens when, on turning on a computer, it jumps onto wireless access point of an adjacent company’s spilling network (Choi et al. 78). Although the user may not be aware of such an occurrence, this is a break in the security of an organization given the possibility of exposure of proprietary information, and a probable connection between the two companies (Choi et al. 78). The breach is particularly serious in cases when the latching machine (laptop) is connected to the wired network of the company.
While accidental association may be a legitimate mistake, malicious association is in fact user driven. In this case, the user (cracker) intentionally attempts to connect to a company’s network through wireless devices, as well as attempts to have other wireless devices to connect to the company’s through the user’s wireless devices (Choi et al. 78). The attacker then plants Trojans, viruses and malware into the system through the legitimate users’ computers. The process becomes even easier for the cracker given that Layer 3 protection for network authentication and VPNS offer no hurdles for the cracker’s penetration (Choi et al. 78). The intention of the cracker at this point would therefore be to take over the client and launch even further attacks.
Another weakness of the technology lies in Ad-hoc networks. These peer-to-peer networks have no Aps between them. In essence, the computers use their own wireless networks to share information between them. Largely, such networks have limited encryption of security protection and are therefore easy prey to crackers (Choi et al. 78). Moreover, similar weaknesses are also present in non-traditional networks such as PDAs, smartphones, barcode readers, wireless printers and copiers. These, if not secured, are security vulnerabilities and avenues through which crackers can easily enter a wireless network.
When not properly configured wireless networks are vulnerable to MAC spoofing (identity theft), where a cracker is capable of listening in on the network traffic, and in so doing identifies the MAC address of the computer. This is especially serious when the cracker identifies the MAC address of a computer with network administrative privileges (Choi et al. 79). Given that wireless networks filter traffic within the network, only allowing computers with specific MAC IDs to access and use the network, a cracker can use sniffing programs to obtain MAC addresses, then create a MAC address similar to those that the network allows, and with that gain access into the network.
Wi-Fi networks are also vulnerable to denial of service attacks and network injection. In DOS, the cracker attacks the network by giving it numerous requests, failure messages, extensive successful connection messages, and in so doing denying legitimate users access to the networks. On extreme cases, these requests and commands have been a cause of networks crashing (Choi et al. 80). Conversely, network injections involve injection of phony reconfiguration commands, which affect routers and switches, and bring the wireless network down.
As a wireless network, Bluetooth presents even more weaknesses. As a peer-to-peer network and lacking a centralized administration and security-bolstering infrastructure, it is weaker in its security protocol (NSA 1). Moreover, Bluetooth specification is intricate, containing support for a diverse range of voice and data profiles and services. Even more is that Bluetooth implementation has a huge variety of chipsets, equipment and operating systems. This diversity in basic components results in varied user and security programming interfaces, as well as default settings (NSA 1). These variations therefore become the main weakness of Bluetooth, as the technology is susceptible to a wide range of security vulnerabilities. Such vulnerabilities open the technology to attacks such as DOS, unintentional control, data breach, position tracing and identity discovery.
Bluetooth also lacks strong encryption and security protocols, for this matter, it is possible to eavesdrop and even hijack a session between devices, and sometimes even alter information passed between the devices (Jakobsson and Wetzel 180). It is also possible for attackers to eavesdrop on voice conversations, having hijacked transmissions between the receiver and cell phone. The attacker therefore becomes privy to intimate and sometimes sensitive information, which he/she can use against the people in the conversation.
Even with these weaknesses, there are a number of solutions available for protecting the wireless infrastructure. While they may not work perfectly, these solutions offer marked deterrence against attackers, who if unchecked, can wreak havoc to the entire wireless system. Installing a wireless intrusion prevention and detection system into the wireless network infrastructure provides one solution to the weakness (Timofte 130). Such systems monitor the network for any unusual events, which violate or are imminent threat to the network, and in case such events occur, the system tries to stop the detected intrusion (Timofte 130). The entire process therefore involves detection, prevention/stopping and eventual reporting of the event to the administrator. Through such a log, the administrator can then execute other prevention protocol, and use the report to fix any vulnerability found in the system.
Yet another solution is eliminating any rogue APs. The design and setting of a WLAN should fit within an organisation’s security architecture. Therefore, it is important to make efforts to detect and remove any unauthorised access points (Library Technology Reports 22). By capturing and analysing wireless traffic within traffic, it is possible to detect any traffic related to APs outside the official network (Farooqi and Khan 236).
Most wireless networks transmit their signal via wireless routers. At installation therefore, the router chosen should be secure and able to provide the necessary security protocols (Leon 88). Such a router should be able to support the least decipherable encryption, hide its identity from any unauthorised and prying parties outside the network and prevent entry into the network through an unauthorised computer (Leon 88). After choosing a secure router, it is also important to choose a safe name for the router, which will prevent any hackers from identifying the brand of the router, and therefore looking up any security flaws. This name should also be hidden from any unauthorized users, in addition to customizing the password used for configuring router. It is also necessary to disable the remote administration feature, so that only the administrator can configure the router from the server.
It is also important that users authenticate a signal before connecting to it. Moreover, the administrator of a network should ensure that passwords are not only long and strong, but that they should also keep changing at regular intervals to in non-predictable patterns. These long and strong passwords also apply to Bluetooth passkeys to ensure that no one eavesdrops on the connection (NSA 2). Moreover, for Bluetooth, one should ensure that devices are as close together as possible, and that he/she only activates Bluetooth functionality and discoverable function when absolutely necessary, and in the presence of trusted devices (NSA 1).
Wireless technology presents opportunity in mobility, and with it enhances productivity. The technology has advanced over the years to become one of the most widely used networking technologies in the world, in both corporate, education and home environments. While the technology presents promise, it also comes with weaknesses, which if not taken care could mean harm to users. Such weaknesses include propensity to attacks, such as DOS, man-in-the-middle, network injection, hijacking and eavesdropping. Solutions however, do exist to mitigate threats presented by these weaknesses. Intrusion detection and prevention systems, use of passkeys and secure passwords, as well as secure routers offer security bolstering solutions to these weaknesses. With advancement in technology, better and more efficient wireless technology continue to flood the market. These offer prospects for development and increased productivity. Moreover, these technologies come with even better security protocols making them secure and convenient across corporate, health, education and domestic environments.
“Wireless Network Configuration and Security Strategies.” Library Technology Reports 41.5 (2005): 21-30. ProQuest. Web. 3 Dec. 2014.
A.-L. Burness. “Mobility, Wireless and QoS.” BT Technology Journal 23.2 (2005): 196. ProQuest. Web. 3 Dec. 2014.
Choi, Min-kyu. “Wireless Network Security: Vulnerabilities, Threats and Countermeasures.” International Journal of Multimedia and Ubiquitous Engineering, 3.3(2008):77-86
Farooqi, Ashfaq, H. and Khan, Farrakh, A. “Intrusion detection systems for wireless sensor networks: A survey.” Communication Computer Information Science 56 (2009): 234-241.
Jakobsson, Markus and Wetzel, Susanne. “Security Weakness in Bluetooth.” LNCS 2020, (2011): 176-191
Leon, James F. “Protect Your Wireless Network-and Your Business.” Journal of Accountancy 206.5 (2008): 88, 91, 14. ProQuest. Web. 3 Dec. 2014.
Ng, H. S., M. L. Sim, and C. M. Tan. “Security Issues of Wireless Sensor Networks in Healthcare Applications.” BT Technology Journal 24.2 (2006): 138. ProQuest. Web. 3 Dec. 2014
NSA. Bluetooth Security. Ft. Meade, MD: NSA, 2007
Rassam, Murad A., M. A. Maarof, and Anazida Zainal. “A Survey of Intrusion Detection Schemes in Wireless Sensor Networks.” American Journal of Applied Sciences 9.10 (2012): 1636-52. ProQuest. Web. 3 Dec. 2014
Segan, Sascha. “WiMAX vs. LTE: Should You Switch?” PC Mag May 16, 2012. Web. 4 December 2014
Timofte, Jack. “Wireless Intrusion Prevention Systems.” Revista Informatica Economică 3.47 (2008): 129-132