Comment: Why Cybercriminals Love WiFi

Gupta says there are many reasons why cybercriminals love to use WiFi communications
Gupta says there are many reasons why cybercriminals love to use WiFi communications

Cybercrimes involving the use of WiFi communications are on the rise. This is readily evident from recent, highly publicized incidents, such as the financially devastating TJX WiFi hack, terrorists hacking a private WiFi in India to send emails, Russian spies in the US who used ad hoc WiFi networks for private communications, and the case of Minnesota man charged with sending threatening emails to Vice President Joe Biden after he hacked into a neighborhood WiFi network.

Is the use of WiFi in these high-profile incidents a random coincidence, or are there good reasons why cybercriminals are launching their attacks through WiFi? The answer is yes, there are reasons, and the following are the most important ones among them.

WiFi provides a way to evade physical security

WiFi signals from both corporate and personal WiFi networks often leaks into areas that are not physically secured. This provides ample opportunity for cybercriminals to break into an authorized network utilizing the available WiFi signals while evading physical security measures, such as electronic access control, surveillance cameras, security guards, etc.

WiFi offers mobility advantages

Similar to regular WiFi users who enjoy mobility advantages while using WiFi, cybercriminals also benefited from mobility when they use WiFi communications. Using easily accessible and consumer-grade WiFi technology, they can easily set up private wireless networks either within the network infrastructure or in ad hoc mode. These private WiFi networks can then be used for internal communications within the group, including data exchange, sharing information, or voice conversations.

WiFi provides cybercriminals with anonymity and untraceability

Anonymity and untraceability – both are perhaps the most sought-after things for cybercriminals while carrying out their operations. When using telecommunications networks for voice and data, each communication is logged either implicitly or explicitly on orders from governments. Therefore, there is a good chance of tracing the cybercriminals if they rely on telecommunications networks.

Also, if cybercriminals use private internet connections or internet services offered at a cybercafé, then they remain vulnerable to tracing via internet tracing techniques, recording of personal identity by most cybercafé owners, and ISPs that record of browsing history to comply with government mandates.

With WiFi, however, cybercriminals can easily achieve anonymity and untraceability. With their own private WiFi network setup, which doesn’t require regulatory control or compulsory monitoring, cybercriminals can efficiently and easily achieve intercommunications at a particular place, thereby avoiding the use of traceable cellular networks or the internet. Also, by hacking into others’ personal WiFi networks, cybercriminals can remain anonymous while using the traceable internet.

Open or poorly secured WiFi networks are easily availabile

Most people still use open or poor security (WEP) options while configuring their private WiFi networks. In addition, proper precautions are not taken by many users while using open public WiFi networks.

Considering the well-known fact that open and poorly secured WiFi networks are easily vulnerable to eavesdropping, intrusion, and a variety of other attacks, continued configuration and use of unsecured/poorly secured WiFi networks attracts more and more cybercriminals to use WiFi technology for achieving their goals.

WiFi provides good range and greater speeds

Because WiFi provides a fairly large communication range – much larger when compared with other available technologies for local area wireless networks, such as Bluetooth, infrared, etc. – cybercriminals can operate at a safer distance when using WiFi communications. Along with this large range, the data speed available on WiFi is relatively high, almost comparable with Ethernet after the introduction of the 802.11n standard.
With such high data rates available at a safe operating distance, cybercriminals can quickly finish operations, such as data swaps, very quickly.

Well-known and easily executable WiFi exploits/vulnerabilities are available

Cybercriminals are also benefitting from a number of WiFi exploits, such as rogue access points (APs), Honeypot APs, WiFi DoS attacks, and software access points running on Windows/smart phones. Many of these exploits can be easily executed using off-the-shelf hardware and freely available software (on the web), such as Karma, Backtrack, and Kismet, all of which can achieve intrusion or disruption for a targeted authorized network.

Furthermore, there are vulnerabilities present in WiFi infrastructures, such as mis-configured APs, WEP weaknesses, TKIP vulnerability, and the latest Hole 196 vulnerability. These vulnerabilities can be easily exploited to intrude on an authorized network or launch denial-of-service attack on the same. The behavior of WiFi clients on operating systems (e.g., Windows), can also be exploited by cybercriminals for compromising an individual’s WiFi-enabled machine, using tools such as Café Latte.

WiFi networks are not typically monitored

Unlike the widespread use of firewalls and network access control software to monitor wired networks for possible intrusions, most WiFi networks remain unmonitored because most people are still uneducated about WiFi risks. This presents an advantage for cybercriminals because wireless intrusions, disruptions, and other exploits often go undetected. Also, due to the lack of WiFi network monitoring, there is little, if any, forensic evidence against WiFi exploits.

Defending Your WiFi Network

Considering the aforementioned reasons, it is quite obvious why cybercriminals are increasingly using WiFi communications in their covert operations. Also, with the explosive growth of WiFi capable smartphones, the day is approaching when push-button WiFi hacking tools will be available on these devices, which can be easily carried by cybercriminals to various locations.

So, what are the odds that a hacking attack launched via WiFi will be detected and blocked? The answer is close to zero – unless the following counter measures are implemented:

  • Enterprises/corporations should make sure that their WiFi networks and ‘airspaces’ are not being used to host criminal activity. Thus, they should consider deployment of a comprehensive WIDS/WIPS solution to monitor and secure their ‘airspace’ on 24/7 basis, irrespective of whether or not they own a corporate WiFi network. A comprehensive WIDS/WIPS solution comes as an overlay solution, independent of your existing WiFi infrastructure. Also, nowadays, an enterprise can choose whether to own and manage a WIDS/WIPS solution or use a SaaS offering.
  • Home WiFi users, travelers and public WiFi users should adopt strict, safe WiFi practices. The list of safety precautions while using a public hotspot is freely available on many websites. Also, these users should consider installing a WiFi security agent – capable of providing active security against various WiFi exploits – on their WiFi devices.
  • Sensitive public WiFi hotspots need to be monitored so as to record forensic evidence against any cybercrime occurring via WiFi communications.

Ajay Kumar Gupta is the acting tech lead, engineering, at AirTight Networks, a global provider of enterprise WiFi security and performance management products. He is a frequent contributor to some leading security magazines and AirTight’s blog.

What’s Hot on Infosecurity Magazine?