What is wireless security and what are the most common wireless attacks that threaten wireless security architectures?
Wireless security is the process of designing, implementing and ensuring security on wireless computer systems. It is the prevention of unauthorized entities from accessing a particular wireless network or its assets. More specifically, it is a type of cybersecurity that adds protection measures for the wireless computer networks in an organization, protecting them from unauthorized and malicious attempts to access assets. Wireless security is achieved through wireless devices that encrypt and protect all wireless communications between parties. Even if the wireless security is compromised, the cybercriminal is not able to access the content of the IP packet in motion. Moreover, wireless intrusion detection systems (IDS) and intrusion prevention systems (IPS) augment the protection of a wireless network by alerting security personnel in case of a security incident or breach.
Some of the common algorithms and standards used to ensure wireless security include the following:
- Wired Equivalent Privacy (WEP): WEP is defined by the IEEE 802.11 standard and uses a predefined shared Rivest Cipher 4 (RC4) secret key for both authentication and encryption. The key is static and shared among the wireless access points (WAPs) and clients. The standard is insecure and had implementation flaws.
- Wi-Fi Protected Access (WPA): WPA was designed as the replacement for the WEP standard. It is a significant improvement over WEP in that it does not employ the same static key to encrypt all communications. WPA employs the RC4 algorithm and uses the Temporal Key Integrity Protocol (TKIP) or the Lightweight Extensible Authentication Protocol (LEAP). Like WEP, WPA is no longer secure.
- Wi-Fi Protected Access 2 (WPA2): IEEE 802.11i and Wi-Fi Protected Access 2 (WPA2) replaced the insecure WEP and WPA standards. It implements the Advanced Encryption Standard-Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (AES-CCMP) instead of RC4, which WEP and WPA use. WPA2 is secure and no cyberattack has been successful against it so far.
- Wi-Fi Protected Access 3 (WPA3): WPA3 provides greater protection for passwords, individualized encryption for personal and open networks, and more security for enterprise networks.
- 802.1X/Extensible Authentication Protocol (EAP): WPA, WPA2, and WPA3 support the enterprise (ENT) authentication known as 802.1X/EAP. It is a standard for port-based network access control under which clients cannot communicate with a resource until proper authentication takes place.
- Lightweight Extensible Authentication Protocol (LEAP): LEAP is an alternative to TKIP for WPA. It was developed to address deficiencies in TKIP before the 802.11i/WPA2 system was ratified as a standard.
- Protected Extensible Authentication Protocol (PEAP): PEAP encapsulates EAP methods within a TLS tunnel that provides authentication and potentially encryption.
- Wi-Fi Protected Setup (WPS): WPS is a security standard for wireless networks that is intended to simplify the effort involved in adding new clients to a well-secured wireless network.
- Wireless MAC Filter: A MAC filter can be used on a WAP to limit or restrict access to only known and approved devices. The MAC filter is a list of authorized wireless client interface MAC addresses that is used by a WAP to block access to all unauthorized devices.
- Wireless Antenna Management: A wide variety of antenna types can be used for wireless clients and base stations.
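As an added example (not part of the original page), the following Python script audits an access point configuration against the standards listed above and reports the settings the list describes as insecure. It assumes hostapd-style `key=value` settings (`wpa`, `wpa_pairwise`, `rsn_pairwise`, `wep_key0`), a format the page itself does not mention; both sample configurations are constructed.

```python
# Added example: audit hostapd-style AP settings against the standards list.
# Both configs are constructed samples, not taken from a real deployment.
WEAK_CONF = """\
# legacy mixed-mode network
ssid=example-legacy
wpa=3
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP
"""
HARDENED_CONF = """\
ssid=example-current
wpa=2
wpa_key_mgmt=WPA-EAP
ieee8021x=1
rsn_pairwise=CCMP
"""
WEP_KEYS = ("wep_key0", "wep_key1", "wep_key2", "wep_key3")

def parse_conf(text):
    """Parse key=value lines, skipping blanks and '#' comments."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def audit(conf):
    """Return findings for settings the list above describes as insecure."""
    findings = []
    wpa = int(conf.get("wpa", "0"))  # bit 0 = WPA, bit 1 = WPA2 (RSN)
    # Assumed hostapd defaults: wpa_pairwise=TKIP, rsn_pairwise=wpa_pairwise
    wpa_ciphers = conf.get("wpa_pairwise", "TKIP").split()
    rsn_ciphers = conf.get("rsn_pairwise", " ".join(wpa_ciphers)).split()
    uses_wep = any(k in conf for k in WEP_KEYS)
    if uses_wep:
        findings.append("WEP: static shared RC4 key configured")
    if wpa == 0 and not uses_wep:
        findings.append("OPEN: no WEP/WPA/WPA2 protection enabled")
    if wpa & 1:
        findings.append("WPA: legacy WPA enabled")
    if (wpa & 1 and "TKIP" in wpa_ciphers) or (wpa & 2 and "TKIP" in rsn_ciphers):
        findings.append("TKIP: RC4-based cipher offered")
    if wpa & 2 and "CCMP" not in rsn_ciphers:
        findings.append("WPA2: AES-CCMP not offered")
    return findings

if __name__ == "__main__":
    for name, text in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit(parse_conf(text)))
```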
Some security threats to wireless security include the following:
- Man-in-the-Middle (MITM) attacks
- Rogue Access Points
- Packet sniffers
- Jamming
- Replay attack
- Evil Twin
- Denial of service (DoS)