“Go Wireless” is the slogan every Individual/Industry/Organizations use today when using any wireless network deployments from the home Internet to the hand-held smart devices like iPad, Smartphones etc. More effort has been put in innovating new products day-to-day but less in security aspects of it. The following are the top 5 security threats to wireless industry which the wireless product manufacturers as well as the users will be facing in the near future.
1. Rogue Access Points: The Access Points which are installed on a secure network without proper authentication from local network administrator are called Rogue Access Points. These kind of Access Points pose a serious threat to the organization as hackers can use this as a gateway to login to the secure network to install malicious programs to steal confidential data. The Rogue Access Points provides a backdoor into the organizations network for unauthorized parties.
2. Misconfiguration of Switches and Access Points: These kind of threats are raised by enterprise’s own equipment. Any Access Point which is mis-configured can open up a door for hackers. The Access Point setting are set to defaults or the security setting is turned off. These kind of issues pop up when the Access Points are not centrally managed. In those cases the probability of a mis-configured Access Point going unnoticed will be high. As there would not be any network connectivity issues no problem would be reported but these would have paved a way for the hacker’s malicious threats. (gcn.com, 2010)
3. Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks: These are common attacks which hackers tend to when they attack any organization. Denial of Service for any organization or application can be possible by flooding a channel or channels with deauthentication or similar packets that terminate all current and attempted client associations to access points. Deployment of these kind of threats from two or more persons or bots is known as DDoS Attack. Intrusion Detection Service (IDS) and Intrusion Prevention Service (IPS) are deployed to prevent these kind of threats. These prevention measures are being evolved over time with increasing sophistication. (airtightnetworks.com, 2005)
4. Bluetooth Attacks: Bluetooth encryption same like Wi-Fi should stop unauthorized personnel listening in to the data or phone calls being sent or taken via Bluetooth. But there are devices with versions of Bluetooth that are older with security holes assisting hackers to eavesdrop or steal information. Bluetooth devices are no longer a “Personal Area Networks”. Hackers use directional antennas to communicate with the user devices and hack their mobile phones via Bluetooth that is switched ON. Even the Bluetooth head-sets got the same problem. Recent research proves that many of the existing Bluetooth enabled head-sets are vulnerable to attacks. They can eavesdrop not only on victim’s conversations but people around them via victim’s Bluetooth that is switched ON. (webroot.com)
5. Smartphone Malware: Smartphone Malware is undoubtedly the next major threat the smartphone manufacturers and App providers should keep in mind. The major mobile Operating Systems like Android are providing more flexibility in customization to their users. With more flexibility comes more users and so attracts more hackers. There are many ways hacker can resort to in spreading Android Malware some of them are: Malware through Apps downloadable through Google Play, More controllable mobile botnets, Mobile banking Trojans, Malware in QR code scanners, Premium service abusers who send messages to premium rate numbers from victim’s phone. So, android has now become a launch pad for new hacker attacks.
Smartphone vulnerabilities and rise of Android Malware
By Yashwanth Tekena…