Subscribe
About

Systemic problems plague WiFi security

Staff Writer
By Staff Writer, ITWeb
Johannesburg, 08 May 2015
Users should know what a WiFi security attack looks like, so they can identify it and take corrective action, says SensePost CTO Dominic White.
Users should know what a WiFi security attack looks like, so they can identify it and take corrective action, says SensePost CTO Dominic White.

Wireless security is still largely inadequate, says Dominic White, CTO of SensePost, who will present at ITWeb Security Summit 2015.

This, he says, is due to the proliferation of mobile devices that have increased the use and ubiquity of WiFi.

White notes several attacks targeting wireless devices are new or have been greatly improved, adding it is not necessarily user ignorance driving this, but systemic problems with the technology that need to be resolved by manufacturers.

However, he notes behavioural factors can contribute to wireless security breaches. "People just press buttons on alerts on their phones. They ignore things like certificate warnings, mostly because they're [the warnings] so obtuse."

Interception of sensitive communications, including credentials - which can be re-used to gain internal network access - is the biggest type of threat faced by individual users and companies as a result of inadequate wireless security, he says.

To safeguard themselves against wireless security breaches, White suggests users make use of 3G connectivity, if possible, as it is harder to intercept. "Know what an attack looks like so you can identify it, and take corrective actions."

ITWeb Security Summit 2015

The 10th annual infosec event from ITWeb is a 'must-attend' experience for every IT and security professional and senior manager with business and information management responsibilities.
Click here to register.

White lists the five biggest security concerns associated with wireless:

* The WiFi connection layer has no security, and things like EAP/WPA are attempts to add a layer on top of it. This means spoofing connections is very easy.
* WPA requires a "shared password", which means the password is often easy to find by "calling the helpdesk or checking a whiteboard in IT", and once compromised, affects the whole network.
* EAP (where individual passwords are used) is secured through certificates, but unlike with Web sites, a certificate cannot be strongly associated with a WiFi network, leading to certificates usually not being validated, and allowing the credentials to be intercepted.
* Mobile device makers have not adequately considered how to alert users of security problems related to secure communications, so often it's a small, confusing error. They also make it too easy to push down malicious configurations to the devices.
* In general, WiFi devices tend to leak the networks they have previously been connected to, so pretending to be one of these is easier. This can also be used for tracking where people have been.

In his presentation at ITWeb Security Summit 2015, White will focus on wireless security.

Share