12 Jun Can a Wi-Fi network ever be completely secure?
There are many ways in which hackers and crackers can break into a Wi-Fi network. A hack becomes simple if the network uses out of date security protocols or weak passwords. But even if the system is setup with the latest security measures, strong passwords, firewall and malware protection, there are still ways that a malicious third party might access such a network. Writing in the International Journal of Wireless and Mobile Computing, researchers from China review the various hacking techniques that might be used and show what defensive measures might best be taken to preclude system compromise.
Rui Guo of the Department of Internet Crime Investigation, at the National Police University of China, explains that there is a fundamental security flaw in all Wi-Fi systems. Because of the way Wi-Fi works, the access-point must listen passively for a signal or beacon, from devices that may wish to connect whether legitimately or illicitly. This beacon is wholly unencrypted and it has to be because, until a connection is made, no data can be exchanged to encrypt subsequent communication between the access-point and device.
“This makes Wi-Fi easy to use because you can see networks and their names around you without exchanging some key or password first, but it also makes Wi-Fi networks prone to many kinds of attacks,” explains Guo. He has now looked at the top three exploit kits used to break into Wi-Fi: Rogue AP, ARP spoofing, and Wi-Fi MITM. The first point of concern is that, by virtue of its wireless nature, none of these kits need physical access to the network. Wi-Fi is vulnerable to man-in-the-middle attacks, whereas a wired network would require the hacker to have a plug-and-socket connection to the network to be able to breach its security.
These “automated cyber weapons” can cause havoc by penetrating and bypassing protections. They can also forge disassociations and deauthorise packets thereby compromising legitimate communications. Guo describes the protection tools that are available but notes that none of them is perfect and there almost always ways in which a hacker can breach a Wi-Fi network.