Targeting Wireless Network Security Via Wi-Fi Threats
Rogue access points, data interception, DoS downtime -- these are all Wi-Fi threats that can spell trouble for mobile security managers. Wireless network security requires constant attention, and to help keep track of the many potential threats, we outline our Top 10 Wi-Fi threats and offer guidance on how to protect against them. Gone are the early days of Wi-Fi, when CSOs lost sleep over threats like WEP cracking and war driving. 802.11n products have matured to the point where many enterprises are investing in larger, faster WLANs to support mission-critical applications. And yet, pros know that security is never to be taken for granted. Here, we offer our Top 10 Wi-Fi Threats and explain why diligence is (still) required.
1. Data Interception:Today, its widely understood that data sent over Wi-Fi can be captured by eavesdroppers -- easily, within a few hundred feet; even farther with directional antennas. Fortunately, all Wi-Fi CERTIFIED products now support AES-CCMP data encryption and integrity. Unfortunately, there are still legacy products that only speak TKIP, and many WLANs are configured to accept both AES and TKIP. But TKIP is vulnerable to message integrity check (MIC) attacks that allow a limited set of spoofed frames to be injected -- for example, ARP. Although resulting risks are modest, the writing is on the wall: The time has come to retire TKIP and require AES-CCMP.