Friday, 12 April 2019

Wi-Fi Threats for Mobile Device User

Public Wi-Fi may seem like one of the greatest conveniences there is, but in reality, it can be quite dangerous. Here are 6 public Wi-Fi security threats you need to know and exactly how to protect yourself.

Threat List 
  • Rogue access points  
  • Wi-Fi SSID Tracking  
  • Eavesdropping of traffic over unencrypted or insufficiently encrypted (e.g. WEP) Wi-Fi networks  
  • Malicious Wi-Fi networks masquerading as legitimate Wi-Fi networks (hotspot hijacking)  
  • Client MAC address tracking  
  • Illegal radio frequency transmitters that are designed to block, jam, or otherwise interfere with authorized radio communications  

Rogue access points 

Threat Description: 
Rogue APs are simply access points installed on a preexisting network. They are fairly common and often come in the form of wireless routers. Often they are installed by well-meaning employees to give more customers access to the Wi-Fi network. But many times these routers are not configured properly, which makes them easy to break into, even though the network itself might be secure.

Possible Countermeasures: 
  • Mobile Device User: Avoid the use of untrusted and unencrypted Wi-Fi networks, particularly when needing to access sensitive services. 
  • Mobile Device User: When needing to connect to untrusted and unencrypted Wi-Fi networks, attempt to verify with a representative of the hosting organization (e.g., coffee shop employee) that the detected network is the correct one.
  • Mobile Device User and Enterprise: To reduce the probability of connecting to rogue access points, use Wi-Fi hotspot services that associate access points with a registered Wi-Fi provider, geolocation, and crowd-sourced reputation data to make assertions about their apparent trustworthiness.
  • Enterprise: To avoid this threat, only allow mobile devices to connect to authorized Wi-Fi networks that use WPA2 encryption.
 
Wi-Fi SSID Tracking 

Threat Description: 
Possible Countermeasures: 
  • Enterprise: To prevent an attacker from persistently associating a tracked mobile device with the SSID of a known network (e.g., home or enterprise Wi-Fi), frequently change the SSID to a new and unrelated value. 
  • Mobile Device User: To reduce the number of SSIDs available to an attacker to track a specific device, configure it to not attempt to automatically connect or notify the user of available Wi-Fi networks. 
  • Mobile Device User: To further reduce the number of SSIDs available to an attacker to track a specific device, configure network settings to ‘forget’ Wi-Fi networks, particularly infrequently used public Wi-Fi networks. 
  • Mobile Device User: To greatly reduce the number of messages available to an attacker to actively track a specific device, disable Wi-Fi whenever networked services are not in use.
 
Eavesdropping of traffic over unencrypted or insufficiently encrypted (e.g. WEP) Wi-Fi networks  

Threat Description: 
Possible Countermeasures: 
  • Mobile Device User: To reduce the opportunity for this attack, configure mobile devices to not automatically connect to untrusted and unsecure networks. 
  • Enterprise: To reduce the probability of this attack, configure Wi-Fi networks to WPA2 in personal mode with a strong password (increased length, complexity, and randomness). 
  • Enterprise: To further reduce the probability of this attack, configure Wi-Fi networks with WPA2 in enterprise mode with digital certificates. 
  • Mobile Device User and Enterprise: To mitigate eavesdropping over unencrypted Wi-Fi networks, use over-the-top encryption products that encrypt data prior to transmission off the device. 
  • Enterprise: To mitigate eavesdropping over unencrypted Wi-Fi networks, use VPN solutions to establish an encrypted tunnel.
 
Malicious Wi-Fi networks masquerading as legitimate Wi-Fi networks (evil twin) 

Threat Description: 
An evil twin is very similar to a rogue AP, but it’s much more sophisticated when it comes to masking its purpose. Evil twins are designed to look and act exactly like a legitimate AP. Hackers can clone an AP you know and trust, and create one that is identical. When you connect via this AP, you’re actually connecting to the evil twin, which then proceeds to send info to the hacker. Wi-Fi networks are extremely vulnerable to these types of attacks.
 
Possible Countermeasures: 
  • Mobile Device User: When choosing to connect to an unencrypted and potentially spoofed Wi-Fi network, to reduce the probability of connecting to a malicious network, verify the network appears consistently geolocated with the host (e.g., on the premises), and if possible, verify with a representative that the intended Wi-Fi network is the one they host. 
  • Mobile Device User: To decrease the probability of connecting to a spoofed Wi-Fi network, configure devices to not automatically connect to unknown Wi-Fi networks, and to ‘forget’ public networks once they are no longer in use. 
  • Enterprise: To greatly decrease the probability of this attack, only allow mobile devices to connect to authorized Wi-Fi networks that use WPA2 encryption with a strong pre-shared key (for personal mode).
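
The user-side countermeasures in the SSID tracking, eavesdropping and evil twin sections (no auto-connect to unsecured networks, "forget" rarely used public networks) can be checked mechanically against a device's saved-network list. The following is an added example, not part of the original post; the profile fields, sample data and 30-day threshold are assumptions made for illustration.

```python
from datetime import date

# Constructed sample of saved Wi-Fi profiles. The field names are
# hypothetical; adapt them to whatever export your device or MDM provides.
SAVED_PROFILES = [
    {"ssid": "CorpNet", "security": "WPA2-Enterprise", "auto_join": True,
     "last_used": date(2019, 4, 10)},
    {"ssid": "Home", "security": "WPA2-Personal", "auto_join": True,
     "last_used": date(2019, 4, 11)},
    {"ssid": "CoffeeShop_Free", "security": "Open", "auto_join": True,
     "last_used": date(2018, 11, 2)},
    {"ssid": "HotelGuest", "security": "WEP", "auto_join": False,
     "last_used": date(2019, 3, 30)},
]

# Security modes the page treats as unencrypted or insufficiently encrypted.
WEAK_MODES = {"OPEN", "WEP"}


def audit_profile(profile, today, stale_days=30):
    """Return finding codes for one saved network profile."""
    findings = []
    weak = profile["security"].upper() in WEAK_MODES
    if weak:
        # Traffic on this network can be eavesdropped without a VPN.
        findings.append("WEAK_ENCRYPTION")
    if weak and profile["auto_join"]:
        # Nothing but the SSID identifies the network, so the device will
        # join any access point that advertises the same name.
        findings.append("AUTO_JOIN_UNAUTHENTICATED")
    if weak and (today - profile["last_used"]).days > stale_days:
        # Rarely used public network that should be forgotten.
        findings.append("STALE_PUBLIC")
    return findings


def audit(profiles, today):
    """Map SSID -> findings for every profile with at least one finding."""
    report = {}
    for profile in profiles:
        findings = audit_profile(profile, today)
        if findings:
            report[profile["ssid"]] = findings
    return report


if __name__ == "__main__":
    for ssid, findings in audit(SAVED_PROFILES, date(2019, 4, 12)).items():
        print(ssid, findings)
```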

Client MAC address tracking 

Threat Description: 
When probing for available Wi-Fi networks, mobile devices transmit their MAC address. Persistent use of a single MAC address readily enables physical tracking of a specific device by listening or probing for messages that contain its associated MAC address. As a result, most mobile operating systems have added support for some implementation of MAC address randomization, such that a device generates a new MAC address when establishing communication with an unknown Wi-Fi network. Note, however, that once an attacker has associated a target device with the MAC address it uses on a given Wi-Fi network, successful SSID spoofing may trigger the device to attempt to connect, thereby revealing a traceable MAC address.
 
Possible Countermeasures: 
  • Mobile Device Owner and Enterprise: To increase the complexity of MAC address tracking, procure mobile devices with OS and hardware versions that support MAC address randomization. Starting in Android 6.0, randomized MAC addresses are used for Wi-Fi and Bluetooth scans. See Android 6.0 Changes. In iOS 8, Wi-Fi scanning behavior changed to use random, locally administered MAC addresses. See User Privacy on iOS and OS X. Windows 10 and later versions support MAC address randomization.
  • Mobile Device User: To reduce traceable signals from a mobile device, place it in airplane mode when wireless communication is not in use. In this mode, most devices will disconnect from any current Wi-Fi network, and not attempt to join any Wi-Fi networks until reenabled.
  • Mobile Device User: To minimize traceable signals from a mobile device, power it off when not in use.
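
To check whether a device you own actually randomizes its scanning address, look at the "locally administered" bit of the source MAC in its probe requests. The following is an added example, not part of the original post; the sample addresses are constructed, and the capture step that would produce such a list is assumed to have happened elsewhere.

```python
import re

# Constructed sample: source MACs as they might appear in a capture of your
# own test device's probe requests (not real device addresses).
SAMPLE_PROBE_SOURCES = [
    "da:a1:19:3c:55:01",
    "DA-A1-19-3C-55-01",   # same address, different notation
    "3e:7f:02:9b:10:c4",
    "00:11:22:33:44:55",
    "0011.2233.4455",      # same address, dotted notation
    "not-a-mac",
]


def parse_mac(text):
    """Return the address as 6 bytes, or None if it is not a valid MAC."""
    digits = re.sub(r"[:\-.]", "", text.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        return None
    return bytes.fromhex(digits)


def classify(mac):
    """Classify by the two low-order bits of the first octet."""
    first = mac[0]
    if first & 0x01:
        return "group"    # multicast/broadcast, never a station's own address
    if first & 0x02:
        # Locally administered: consistent with randomization, although a
        # manually configured address sets the same bit.
        return "local"
    return "global"       # burned-in, vendor-assigned, stable identifier


def audit(sources):
    """Group distinct addresses by class and collect unparseable input."""
    seen = {"local": set(), "global": set(), "group": set()}
    rejected = []
    for text in sources:
        mac = parse_mac(text)
        if mac is None:
            rejected.append(text)
            continue
        seen[classify(mac)].add(mac.hex(":"))
    return seen, rejected


if __name__ == "__main__":
    seen, rejected = audit(SAMPLE_PROBE_SOURCES)
    print("trackable (global):", sorted(seen["global"]))
    print("locally administered:", sorted(seen["local"]))
    print("rejected:", rejected)
```

Any address reported under "global" is the stable identifier the threat description warns about; a device with working randomization should show only locally administered addresses while scanning.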

Illegal radio frequency transmitters that are designed to block, jam, or otherwise interfere with authorized radio communications 

Threat Description: 
Signal jammers, also called Wi-Fi signal jammers or Wi-Fi signal blockers, are most often used to interfere with wireless local area networks (WLANs), which is a type of denial-of-service (DoS) attack. As the technology has developed, more advanced and more expensive versions of Wi-Fi signal jammers have been used to jam satellite communications. A wireless signal jammer can be used to temporarily stop transmission, or to temporarily short out or turn off the power of units while they are in use. These include radios, televisions, microwaves, or any unit that receives electrical signals for operation.
 
Possible Countermeasures: 
  • Enterprise and Mobile Device User: Contingency planning for use of another communication band. 
  • Enterprise: To mitigate interference to on-premises communications, detect, locate, and deactivate the device causing interference to Wi-Fi communications.
