Cyber Security question: Describe one wireless vulnerability. Explain why this vulnerability exist. Also describe how its...

Q.Describe one wireless vulnerability. Explain why this vulnerability exist. Also describe how its exploited and how to mitigate it.

Answer:

Default WiFi routers:
By default, wireless routers are shipped in an un-secured state. so that's why  an attacker can easily connect to and configure the router to meet his or her own needs. The risks include changing the DNS server settings to a static IP that is owned by the attacker or, uploading a hacked firmware version to the router that could put the attacker in full control of the data. Sniffing programs, wireless scanning drones, attack scripts, and more can be easily installed on the router, all of which would go undetected.In addition to the active attacks against unconfigured routers, these devices can be used as a gateway for attackers to launch viruses/attacks/spam sessions. Since most routers have very limited logging, the attacker could have a nearly-perfect anonymous connection. Any attempt to trace the attack back to its origination will dead end at the wireless router.

Explain why this vulnerability exist?

Answer: This vulnerability exist for many reasons ,,some of them are mention in the below-

• Many Businesses are Neglecting WiFi Security :Many businesses have moved from wired to wireless technologies which has had a negative impact on their security posture. Wired networks are generally a lot easier to secure that wireless networks, and poor implementation often introduces vulnerabilities

• Common Wireless Vulnerabilities : Listed below are some of the most common wireless network vulnerabilities and steps that can be taken to prevent the vulnerabilities from being exploited. These wireless network vulnerabilities could easily be exploited in real world attacks on wireless networks to steal sensitive data, take control of a router or connected device, or install malware or ransomware.

• Placing an Access Point Where Tampering Can Occur: If the access point is placed in a location where it can be physically accessed, tampering can occur. It takes just seconds to revert the access point to factory default settings. Make sure the access point is located in a secure location, such as a locked closet.

Also describe how its exploited and how to mitigate it?

Answer:

• Use a VPN to keep your local traffic encrypted :

One of the fundamental flaws of WPA2 that’s being fixed in WPA3 is the concept of forward secrecy. This means that in the new WPA3 standard, recorded Wi-Fi traffic can’t be spied on even if the attacker gains knowledge of the Wi-Fi password later. With the current WPA2 standard, this is not the case. Traffic on a local network can be spied on both by other users and by an attacker who records the traffic and decrypts it after learning the password later.VPN’s will offer a layer of protection to avoid being easy prey. PIA, Mullvad, or NordVPN will all render your local traffic indecipherable to a hacker, and provide forward secrecy by making recordings of your Wi-Fi traffic useless even if the attacker learns the WI-Fi password later.

• Never use hidden networks :

A normal Wi-Fi access point will send beacons containing all the information needed for nearby devices to discover and connect to it, such as the network SSID and supported encryption. Hidden networks, by contrast, never send beacons and don’t announce themselves in any way, requiring that a client device to be in range and already know about the network to connect. That means you’ll never see a hidden network included in the list of nearby access points, making it harder in theory for an attacker to know a network is there.

• Never re-use passwords for Wi-Fi :

One of the biggest flaws of WPA2, the current Wi-Fi standard, is that a weak password can make it easy for an attacker to break into the network. If the password to your Wi-Fi network is among the top million or so worst passwords out there, it’s likely a hacker could breach your network in a matter of minutes. That’s because all they need to do is capture a handshake from a device connecting to the Wi-Fi, load it into a tool like Hashcat, and sit back while it tries every guess in a massive file of breached passwords.