Fixxx

In this article we will look at the dangers posed by our beloved Wi‑Fi, Bluetooth and other wireless interfaces, review typical attacks and protection methods, and then sum up, because the price of convenience may be too high.
Wi‑Fi
Wi‑Fi has long been the standard for connecting to the Internet, but few people take into account that an access point is visible not only to you and is an easy target for a potential attacker. Modern tools for compromising an unprepared access point require neither powerful hardware nor deep knowledge and are available to any schoolchild, not to mention competent personnel from the relevant agencies. Let’s consider a few common attack examples:
Most likely the attacker will start with the simplest option: they will send you a deauthentication packet. From your side it will look like this: suddenly your work device loses its connection to the access point. Strange, you’ll think, and try to reconnect. Opening the list of available Wi‑Fi networks, you’ll see your network in the list, but when you click it, it will ask for a password. Then, by entering the password, you give FULL CONTROL over the access point and all devices connected to it to the attacker.
How it works:
After the attacker sends you a deauthentication packet and disconnects you from Wi‑Fi, they create an access point with the same SSID as yours and with a stronger signal, so you then connect to their evil twin access point. Briefly, we’ll mention the KRACK, PMKID and WPS attacks (connecting to the router by PIN or by button). These attacks simply destroy routers using WPA2 encryption and turn them into open doors into your network.
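From the defender's side, the evil twin described above can be spotted in an ordinary Wi‑Fi scan. The following is an added example, not part of the original article: it compares scan results against a baseline of access points you own. The SSID "HomeNet", the MAC addresses and the record format are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str
    channel: int
    security: str  # as reported by the scanner, e.g. "WPA3-SAE", "OPEN"
    rssi: int      # signal strength in dBm (closer to 0 is stronger)

# Assumed baseline: the access points you own, recorded ahead of time.
TRUSTED = {"HomeNet": {"bssids": {"aa:bb:cc:00:00:01"}, "security": "WPA3-SAE"}}

def evil_twin_candidates(beacons, trusted=TRUSTED):
    """Return (beacon, reasons) for beacons that reuse a trusted SSID suspiciously."""
    findings = []
    for b in beacons:
        base = trusted.get(b.ssid)
        if base is None:
            continue  # not one of our SSIDs
        known = [x for x in beacons
                 if x.ssid == b.ssid and x.bssid.lower() in base["bssids"]]
        reasons = []
        if b.bssid.lower() not in base["bssids"]:
            reasons.append("unknown BSSID")
            if any(b.rssi > k.rssi for k in known):
                reasons.append("stronger than the real AP")
        if b.security != base["security"]:
            reasons.append("security mismatch: " + b.security)
        # A cloned BSSID shows up as the same address on more than one channel.
        if len({k.channel for k in known if k.bssid.lower() == b.bssid.lower()}) > 1:
            reasons.append("BSSID seen on several channels")
        if reasons:
            findings.append((b, reasons))
    return findings

# Constructed sample scan: the real AP, a same-SSID twin, and a neighbour.
SAMPLE_SCAN = [
    Beacon("HomeNet", "aa:bb:cc:00:00:01", 6, "WPA3-SAE", -58),
    Beacon("HomeNet", "de:ad:be:ef:00:02", 11, "OPEN", -41),
    Beacon("CoffeeShop", "11:22:33:44:55:66", 1, "WPA2-PSK", -70),
]

if __name__ == "__main__":
    for beacon, reasons in evil_twin_candidates(SAMPLE_SCAN):
        print(beacon.bssid, beacon.channel, "; ".join(reasons))
```

A same-SSID network that suddenly asks for the password again, as in the scenario above, is exactly the case the "security mismatch" and "unknown BSSID" checks are meant to surface.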
Protection:
Move to equipment supporting WPA3 encryption. All devices must support this type of encryption, and in the access point settings you should choose only WPA3 without WPA2 compatibility, otherwise the router will be vulnerable to downgrade attacks, the same ones that affect WPA2. It should be noted that WPA3 is not a panacea and doesn't provide 100% protection. Several vulnerabilities have already been found in it that are successfully exploited, and new ones will appear over time. Generate strong passwords with KeePass or similar programs, keep the router firmware constantly updated, choose the router carefully and pay attention to the vendor and its reputation.
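One way to check the "WPA3 only, no WPA2 compatibility" advice on an access point you administer. This is an added example, not part of the original article, and it assumes the access point is driven by hostapd (common on Linux-based routers); both sample configurations are constructed.

```python
def parse_hostapd(text):
    """Parse hostapd-style key=value lines, ignoring blanks and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        conf[key.strip()] = value.strip()
    return conf

def audit_wpa3_only(text):
    """Return a list of findings; an empty list means WPA3-only, PMF required, WPS off."""
    conf = parse_hostapd(text)
    issues = []
    akms = set(conf.get("wpa_key_mgmt", "").split())
    if "SAE" not in akms:
        issues.append("SAE (WPA3-Personal) is not enabled")
    # Any PSK key management left next to SAE is WPA2 compatibility (transition mode).
    legacy = akms & {"WPA-PSK", "WPA-PSK-SHA256"}
    if legacy:
        issues.append("WPA2 compatibility still enabled: " + ", ".join(sorted(legacy)))
    # ieee80211w=2 requires protected management frames, which cover deauthentication.
    if conf.get("ieee80211w", "0") != "2":
        issues.append("management frame protection is not required (want ieee80211w=2)")
    # wps_state=0 (the hostapd default) disables WPS PIN and push-button.
    if conf.get("wps_state", "0") != "0":
        issues.append("WPS is enabled (want wps_state=0)")
    return issues

# Constructed sample: WPA2/WPA3 transition mode with WPS left on.
TRANSITION_CONF = """
ssid=HomeNet
wpa=2
wpa_key_mgmt=WPA-PSK SAE
ieee80211w=1
wps_state=2
"""

# Constructed sample: WPA3 only, PMF required, WPS disabled.
WPA3_ONLY_CONF = """
ssid=HomeNet
wpa=2
wpa_key_mgmt=SAE
rsn_pairwise=CCMP
ieee80211w=2
wps_state=0
"""
```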
TIP: On smartphones, be sure to disable automatic connection to your home network and turn off Wi‑Fi before leaving the house. Otherwise an attacker who knows your SSID can connect your phone to their evil twin. The phone will think it's your home Wi‑Fi and connect automatically. Then all data from the phone will be intercepted. This concerns iOS devices to a lesser extent, while Android will give everything away and may even allow the attacker to continue exploiting it after the incident.
Bluetooth
There’s hardly any praise to give - it’s very brittle to this day. Bluetooth remains a primary target for attacks on Android and iOS smartphones, as well as on PCs, regardless of the OS. As a result of an attack an attacker can gain full RCE access to the victim’s device. Examples of attacks: Bluebugging, Bluesnarfing, BlueBorne, attacks on HID devices, etc. I will not go into technical details here. In most cases the victim will not even notice the attack and the device will continue to work as usual. Older devices are especially vulnerable. Protection: complete disabling, preferably physically.
2.4 GHz Radio Channel
This band is primarily used by mice, keyboards, IoT devices and even Wi‑Fi 6 routers. Many of them are vulnerable to attacks due to weak protocol protection and lack of updates. Everything is very bad, just like with Bluetooth, and even worse. Most devices from popular brands such as Logitech, HP, Microsoft and others, especially inexpensive models, are vulnerable and provide easy access to your devices. The correct option is not to use such devices for work purposes. For completeness, we should mention Zigbee, Z‑Wave and NFC. These technologies are also unsuitable for use in sensitive infrastructure and are unprotected. We will not go into them in detail because they are rarely used.
Acoustic Keylogging
Not long ago this seemed like a fairy tale, but now, in the era of neural networks and machine learning, more than 90% of typed text can be recovered from an audio track of keyboard sound. Protection: Control your workspace, practice good hygiene when moving with work devices. Your white phone or other gadgets should not be able to hear or see you when you enter sensitive information.
Conclusion
In conclusion, I can say with confidence that, unless you are a specialist and you analyze your traffic, detect incidents and audit your work network (since new CVEs are found every month), you will not be able to keep your security up to date, which can ultimately lead to sad consequences. Removing wireless devices will significantly secure you and reduce the attack surface available to an adversary.
