Today, there are more than ever digital professions, which has made having a good Internet connection a necessity. Moreover, even people whose work is not strongly related to the Web, need it on an everyday basis to check their emails or participate in online courses. However, it is also well known that there are public wifi risks but in fact, this is not the only risk factor when it comes to security. This article discusses in detail the risks related to WIFI.
Lack of security
Radio waves intrinsically have the power to propagate in all directions, with a relatively wide range. Because of this, it is very difficult to keep radio broadcasts confined to a limited area. Radio propagation also occurs three-dimensionally. The waves can therefore travel from one floor of a building to another (albeit with a high degree of attenuation.)
The main consequence of this strong propagation of radio waves is that a non-authorized person may be able to listen to the network, possibly beyond the enclosure of the building where the wireless network is set up.
The critical issue is that a wireless network can very easily be installed in a business building without the IT department even knowing. An employee only has to plug an access point into a data port on the network to become public throughout the access point's broadcast range.
What is wardriving? Given how easy it is to listen to wireless networks, there are some people who travel around cities with a wireless-compatible laptop (or PDA) looking for wireless networks. This practice is called wardriving (sometimes written war-Xing for "war crossing"). Specialized war-driving software allows mapping accurately the locations of the open access points with the help of a Global Positioning System (GPS).
These maps can show available unsecured wireless networks, sometimes allowing people to access the Internet. Many websites share this information; in fact, in 2002, students in London invented a sort of sign language to indicate the presence of wireless networks in an area by drawing symbols on the sidewalk in chalk. This is called warchalking. Two opposing semicircles mean that the area is covered by an open network that provides Internet access; a circle indicates the presence of an open wireless network without access to a wired network, and a W inside a circle shows that there is a properly secured wireless network.
There are several risks involved in not properly securing a wireless network:
- Data interception: the practice of listening to the transmissions of various wireless network users.
- Cracking: an attempt to access a local network or the Internet.
- Transmission jamming: sending out radio signals so as to interfere with traffic.
- Denial of service attacks: the network becomes unusable by sending out false requests.
By default, a wireless network is unsecured. This means that it is open to everyone, and anyone within the coverage area of an access point may potentially listen to communications being sent on the network. For personal use, there is little threat, as data is rarely confidential, unless the data is of a personal nature. However, for business use, this may pose a serious problem.
When an access point is installed on a local network, it lets any station access the wired network, as well as the Internet, if the local network is connected to it. For this reason, an unsecured wireless network gives hackers the perfect gateway to a business or an organization's internal network.
Besides letting the hacker steal or destroy information on the network and giving them free Internet access, the wireless network might also be helping them to carry out cyber-attacks. Indeed, since there is no way to identify a hacker on a network and network intrusion detection is complicated, the business group that installed the wireless network might be held responsible for the attack.
Radio waves are very sensitive to interference. This is why a signal can easily be jammed by radio transmission with a frequency close to that used by the wireless network.
Denial of service
The 802.11 standard's network access method is based on the CSMA/CA protocol, which involves waiting until the network is free before transmitting data frames. Once the connection is established, a station must be linked to an access point in order to send it packets. Because the methods for accessing a network and associating with it are known, it is easy for a hacker to send packets requesting a station to become disassociated from the network. Sending out information intended to disrupt a wireless network is called a denial of service attack.
What's more, connecting to wireless networks consumes system resources. Even if the wireless peripheral devices have power-saving features, a hacker may be able to send enough encrypted data to a machine to overload it. Many portable peripherals (like PDAs and laptop computers) have limited battery life. Therefore, a hacker may want to cause excessive power consumption that makes the device temporarily unusable. This is called a battery exhaustion attack.