What Is a Wireless Network?
A wireless network refers to a computer network that makes use of Radio Frequency (RF) connections between nodes in the network. Wireless networks are a popular solution for homes, businesses, and telecommunications networks.
It is common for people to wonder “what is a wireless network” because while they exist nearly everywhere people live and work, how they work is often a mystery. Similarly, people often assume that all wireless is Wi-Fi, and many would be surprised to discover that the two are not synonymous. Both use RF, but there are many different types of wireless networks across a range of technologies (Bluetooth, ZigBee, LTE, 5G), while Wi-Fi is specific to the wireless protocol defined by the Institute of Electrical and Electronic Engineers (IEEE) in the 802.11 specification and its amendments. For additional details on Wireless networks, see What is a Wireless Network?
Security Issues in Wireless Environments
The ubiquitous nature of wireless networks is a perfect environment for cyberattackers. Unlike Ethernet, the hacker does not need direct physical access to connect, so they can launch their attacks from a relatively safe distance so long as the Wi-Fi network has coverage there. As such, wireless security solutions are in high demand. But how do you know if you are being hacked?
Consider the scenarios below, and immediately take action if you suspect there has been misuse or compromise of your Wi-Fi network.
Denial of Service
A denial-of-service (DoS) attack is a cyberattack intended to shut down a device or network, or render it inaccessible or useless for users. There are several forms of DoS attacks for wireless networks, this can be done by flooding the airways with traffic or requests to bog down the Access Point, by sending fabricated packets to clients in an attempt to trick them into dropping connection, or (at the most crude, yet most effective) by blasting a large amount of Radio Frequency noise at the same spectrum that Wi-Fi operates.
One of the goals of this type of attack is to "bump off" regular, valid users who need access to the network. While the DoS attack is in operation, legitimate users making connection requests cannot connect.
If users cannot connect to Wi-Fi, or are finding internet speed extremely slow, you might be the victim of a DoS attack.
Rogue Access Point
A rogue access point (rogue AP) is a wireless access point that has been added directly to a network's infrastructure that is not operating under the control and management of the network operator. Rogue APs can either be deliberately maliciously installed, or can be installed by employees trying to ‘improve’ network coverage in an area by adding a consumer grade access point of their own. No matter how the rogue AP came to be there, it represents a security vulnerability for the network.
Maliciously installed rogue access points offer the hacker a direct connection to the network. While your users won’t be able to access that wireless network, the hacker can, and can use it as a connection point to launch attacks directly into the larger enterprise network.
Non-malicious rogues are still problematic. As they are not being managed by IT, they often do not have the same level of security protocols enabled as other devices in the system. This makes them low hanging fruit for hackers looking to gain access to the network.
'Honeypot' Access Point
A honeypot AP involves a hacker positioning another access point outside of your location but within range of the devices on your network. The honeypot then begins to transmit identical signals with the purpose of having end-users connect to it. Once connected, a variety of ‘evil twin’ attacks can be launched by cyber attackers.
A honeypot AP counts on users thinking they are connected to the corporate network, when in reality, they are connected to a hacker’s AP. Depending on how subtle the form of ‘evil twin’ attack being used is, employees may never realize the issue until sensitive information has been compromised.
Passive Packet Capturing
Passive capturing is a type of network attack in which a system is simply monitored and scanned for. The purpose of passive capturing is to gain information about the target. This information can then be leveraged to perform an active attack if the malicious actor finds there is a vulnerability worth exploiting. Passive capturing can also be used to attempt to decrypt received packets at a later time, although this type of attack has dropped in effectivity with advances in WPA security algorithms.
Wireless Security Protocols
Wireless networks are not as secure as wired networks. Wired networks use a network cable to connect two points, whereas wireless networks broadcast data through the air within a limited range. Though there can be interference, any device within the range can be "listening."
As such, the Wi-Fi Alliance, over time, has approved wireless encryption protocols to provide stronger security for data transferred via a Wi-Fi connection.
Wired Equivalent Privacy or WEP
This was the very first security standard for wireless networks and was approved in September 1999. Wireless security was a new concept 20 years ago, and this was the accepted—and only—wireless security protocol. However, it was deemed difficult to configure.
Additionally, as with any aging software or standard, a host of vulnerabilities were soon discovered. Experts advise both home users and businesses to either upgrade their systems to the latest WPA standard, or if this is not possible, to completely upgrade their equipment. The Wi-Fi Alliance abandoned WEP in 2004.
One of the largest and most publicized data breaches, the attack on retailer T.J. Maxx in 2009, was traced back to its wireless network being configured with WEP. As a result, the PCI Security Standards Council prohibited retailers from processing credit card data using WEP.
Wi-Fi Protected Access or WPA
Because it was taking time for the Wi-Fi Alliance to approve the 802.11i wireless security standard, the WPA protocol was released in 2003 as a placeholder. There are two versions: WPA Personal, which uses a preshared key (PSK) and the Temporal Key Integrity Protocol (TKIP), and WPA Enterprise, which uses an authentication server to generate keys or certificates.
WPA would soon also be found vulnerable to threats and intrusions and was only in use for one year before WPA2 was introduced.
Wi-Fi Protected Access Version 2 or WPA2
Finalized in 2004, WPA2 was the long-awaited protocol based on the 802.11i wireless security standard. WPA2's most important improvement over WPA was its incorporation of the Advanced Encryption Standard (AES) for encryption.
Developed in 1997 by the National Institute of Standards and Technology (NIST), AES is a cipher chosen by the U.S. government to protect sensitive information. It has three different key lengths to encrypt and decrypt a block of messages: 128-bit, 192-bit, and 256-bit. AES is widely used for protecting data at rest in such applications as databases and hard drives. At the time of its rollout, it was the strongest encryption protocol for wireless connections.
Wi-Fi Protected Access Version 3 or WPA3
In June 2018, the Wi-Fi Alliance launched WPA3 as the "next generation" of Wi-Fi security. As with previous versions of WPA, WPA3 has different specifications for personal and enterprise networks. To ward off any brute-force attacks, WPA3-Personal users are protected more strongly than in the past from too many password-guessing attempts. WPA3-Enterprise users are able to access higher-grade security protocols in the form of authenticated encryption and key derivation and confirmation, among other measures.
To facilitate widespread adoption, WPA3 is interoperable with devices using WPA2.
How Fortinet Can Help?
Wi-Fi management and security helps prevent unwanted users and data from harming devices connected to your network. With the Fortinet Wireless Access Points, you get a full view of the network and devices that are accessing it. It integrates with the Fortinet Security Fabric, allows for cloud access point management, and comes with a dedicated controller.
The FortiGate Integrated Wireless Management system gives you an enhanced security solution that incorporates fewer components, making it a simpler solution. As a next-generation firewall (NGFW), FortiGate provides full network visibility while automating protective measures and detecting and stopping more threats.