Wireless attack may be also called Wireless Network Attack. A wireless attack is a malicious intent towards wireless system information or wireless networks. Cyber criminal may carry out several cyber attacks against wireless system or wireless network that may include DoS attack, Sniffing attack, spoofing attack, etc. Malicious purposes of attacking a wireless network may include eavesdropping on communication, disrupting the function of a wireless network or stealing of sensitive and confidential information.
The attacker usually drives around the city or within the society seeking for wireless network to get in, attack on WEP, WPS, and WPA/WPA2 allows attacker to hack your Wi-Fi password. If a Wi-Fi security has a weak password, any attacker can perform a brute force attack using a password file dictionary.
TYPES OF WIRELESS ATTACKS
There are different methods used in wireless attack, attacks are carried out within a connected wireless network or attacking a visible wireless network. The followings are some common wireless attacks.
- Packet Sniffing: When information is sent back and forth over a network, it is sent in what we call packets. Since wireless traffic is sent over the air, it’s very easy to capture. Quite a lot of traffic (FTP, HTTP, SNMP, etc.) is sent in the clear, meaning that there is no encryption and files are in plain text for anyone to read. So using a tool like Wireshark allows you to read data transfers in plain text! This can lead to stolen passwords or leaks of sensitive information quite easily. Encrypted data can be captured as well, but it’s obviously much harder for an attacker to decipher the encrypted data packets.
- Rouge Access Point: Rouge Access Point is an unauthorized access point (AP) that appears on a network, it is refereed to as a rouge access point. Rogue access points can disrupt wireless LAN operations by hijacking legitimate clients and using plain text or other denial-of-service or man-in-the-middle attacks. That is, a hacker can use a rogue access point to capture sensitive information, such as passwords and usernames.
- Password Attack: Password Theft may also termed as Password Attack. The attacker usually drives around the city or within the society seeking to a wireless network to get in, attack on WEP, WPS, and WPA/WPA2 allows attacker to hack your Wi-Fi password. If Wi-Fi has a weak password, any attacker can perform a brute force attack with a password file. If a site doesn’t use SSL or TLS and runs over wireless networks, passwords are sent in form plain text on this wireless network and attacker within this network can read information sent through websites over the network. An attacker can also sniff the network and capture data that contact password, this attack known as the man in the middle attacks.
- Man in the Middle Attack: A man-in-the-middle attack is when a malicious person in a particular network has successfully positioned himself in the middle of communication and able to intercept (view, capture or modify) whatever data communicated between two users. Malicious intent for man-in-the-middle attack is to steal confidential information, such as bank login details, online account details, credit card numbers and email id and login password. Information stolen during a man-in-the-middle attack could be used for many purposes that may include identity theft, illegal fund transfers, payment with stolen credit cards, etc.
- Network Jamming: Network Jamming means disrupting a network or service from a connection or communicating. Flooding an AP to overwhelm the network and prevents legitimate transmissions from getting through is one method of network gaming. This attack is a little unusual because there probably isn’t anything in it to the hacker. Using a device called Wireless Network Signal Jammer, a wireless network is jammed when attacker placed a Wireless Network Signal Jammer within the environment of wireless networking and legitimate devices in the network may stop communicating and responding to one another.
- War Driving: War drives, also known as war dialing, Wardriving is the act of searching for Wi-Fi networks from a moving vehicle. It involves slowly driving around an area or walking around a street of buildings with the goal of locating Wi-Fi signals. This may be accomplished by an individual or by two or more people, with one person driving and others searching for wireless networks. War driving is basically people driving around looking for vulnerable APs to attack.
- Bluetooth Attack: Bluetooth attack is the search for Bluetooth devices nearby and using common tools to identify the MAC address of vulnerable Bluetooth devices. An attacker can determine which operating system his victim is using by scanning and probing the device.
It is very important for users in a wireless network / public WiFi to set up and use VPN while on the network. Network administrators should monitor wireless network and Tips for securing Wireless are available.
READ: Wireless Attack Tools