The Dark Side of Wi-Fi: Exploring the Vulnerabilities and Dangers of Wireless Networks
Wi-Fi networks have undeniably become an inevitable part of our lives. Live streaming, gaming, OTT platforms, shopping, bill payments: in fact, for most of the time we spend on our electronic devices we are sending or receiving data through a Wi-Fi network. It is true that Wi-Fi has made our lives easier, but it is very important to know the security risks we are exposed to when using it. No matter how secure we think the Wi-Fi we are connected to is, it can be cracked one way or another using the technologies and compute capacity available today. A modern GPU can crack the strongest 8-digit passwords in under an hour.
There are three commonly used Wi-Fi encryption standards: WEP, WPA and WPA2. WPA3 is also available, but it is not generally used due to its high cost. Let's look at some of the most commonly used Wi-Fi hacking methods.
WEP (Wired Equivalent Privacy)
This is an older Wi-Fi encryption standard and the least secure of the lot. WEP uses a shared key to encrypt data sent between devices on the network. If an attacker gets his hands on enough of these encrypted data packets, he can use tools like aircrack-ng to crack the password. WEP is so insecure that this can be done in under 5 minutes for most WEP-encrypted Wi-Fi networks.
WPA and WPA2
These are the more modern and most widely used encryption standards today. They use an encryption method called CCMP. CCMP scrambles data before it is transmitted over the network so that only authorised users can read it. Unlike WEP, WPA/WPA2 is much harder to crack, because the encrypted data packets contain nothing the attacker can use to predict the password. The only usable packets are the four handshake packets exchanged when a client connects to the Wi-Fi network. To get these packets, hackers perform what is called a deauth attack, which temporarily disconnects users from the Wi-Fi network so that the hacker can capture the four packets generated when the client reconnects. The handshake data can then be used to find the password by testing millions of candidate passwords against it. Attackers usually have many datasets of commonly used passwords and their combinations. They also generate their own password lists using data that could have been used, at least partly, in the password.
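Because the deauth step above is loud (a burst of disconnect frames in a very short time), it is one of the easier parts of a handshake-capture attempt to detect from the defender's side. The following is an added example written for this post, not code from the original author: it runs a sliding-window counter over a constructed list of decoded 802.11 management-frame records and raises an alert when one transmitter sends more than a threshold of deauth or disassoc frames inside the window. The record field names (ts, subtype, src, dst, bssid), the MAC addresses and the thresholds are all assumptions made for the example.

```python
from collections import defaultdict, deque

# Constructed sample capture: decoded 802.11 management-frame records in the
# shape a monitor-mode capture tool might hand to a script. Field names and
# all MAC addresses are assumptions made for this example.
AP_MAC = "02:aa:bb:cc:dd:01"
CLIENT_MAC = "02:11:22:33:44:55"
BROADCAST = "ff:ff:ff:ff:ff:ff"


def constructed_capture():
    """Return constructed frames: normal traffic, one benign deauth,
    then a burst of 40 deauth frames in under a second."""
    frames = [
        {"ts": 0.0, "subtype": "beacon", "src": AP_MAC, "dst": BROADCAST, "bssid": AP_MAC},
        {"ts": 1.0, "subtype": "data", "src": CLIENT_MAC, "dst": AP_MAC, "bssid": AP_MAC},
        # A single deauth when a client leaves the network is normal.
        {"ts": 2.0, "subtype": "deauth", "src": AP_MAC, "dst": CLIENT_MAC, "bssid": AP_MAC},
    ]
    # Flood: the transmitter address is forged to look like the AP, so the
    # address alone cannot be trusted; the rate is the signal.
    for i in range(40):
        frames.append({"ts": 10.0 + i * 0.02, "subtype": "deauth",
                       "src": AP_MAC, "dst": BROADCAST, "bssid": AP_MAC})
    return frames


DISCONNECT_SUBTYPES = {"deauth", "disassoc"}


def detect_deauth_bursts(frames, window=2.0, threshold=10):
    """Flag any transmitter that sends more than `threshold` deauth or
    disassoc frames inside a sliding `window` of seconds.

    One alert is raised per offending source, the moment the threshold
    is crossed, carrying the count seen in that window."""
    recent = defaultdict(deque)   # src MAC -> timestamps inside the window
    alerted = set()
    alerts = []
    for f in sorted(frames, key=lambda fr: fr["ts"]):
        if f["subtype"] not in DISCONNECT_SUBTYPES:
            continue
        times = recent[f["src"]]
        times.append(f["ts"])
        # Drop timestamps that have fallen out of the window.
        while times and f["ts"] - times[0] > window:
            times.popleft()
        if len(times) > threshold and f["src"] not in alerted:
            alerted.add(f["src"])
            alerts.append({
                "src": f["src"],
                "bssid": f["bssid"],
                "count": len(times),
                "window_start": times[0],
                "window_end": f["ts"],
            })
    return alerts


if __name__ == "__main__":
    for alert in detect_deauth_bursts(constructed_capture()):
        span = alert["window_end"] - alert["window_start"]
        print(f"deauth flood from {alert['src']} on {alert['bssid']}: "
              f"{alert['count']} frames in {span:.2f}s")
```

The single deauth at two seconds never trips the detector; the burst does, on its eleventh frame. Tune the window and threshold to the network: a busy enterprise AP legitimately sends more disconnects than a home router, so the threshold is a per-site choice rather than a constant.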
WPS (Wi-Fi Protected Setup)
Despite what the name suggests, this is a huge vulnerability that hackers can exploit to get into WPA/WPA2-encrypted networks. WPS is a feature that allows devices to connect to a network using an 8-digit PIN, and it is often used to authenticate printers and other devices on a Wi-Fi network. Routers usually offer a push-button mode, in which the PIN method only works while a physical button on the router is held down. If this option is not enabled, hackers can easily crack the 8-digit PIN by iterating through all possible values of an 8-digit number, and digits are the easiest to crack.
Evil Twin Attack
In the attacks above, the attacker uses his compute power to predict the password of the victim's Wi-Fi network, gain access to it and subsequently to the victim's data. In an Evil Twin attack, the attacker instead creates a fake Wi-Fi access point that looks legitimate and tricks users into thinking it is a genuine network. For example, a person could run a Wi-Fi network named starbucks_5gz somewhere near a Starbucks, and a customer, thinking it is the Starbucks network, will connect to it. Once the user is connected, the attacker can monitor their internet traffic and potentially steal sensitive information.
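An evil twin is visible to anyone who knows what the real network looks like: the same SSID shows up from a radio (BSSID) the operator does not own, often with weaker or no encryption. The following is an added example, not code from the original post: it compares constructed scanner output against a trusted profile of the operator's own network and reports every unknown BSSID or security mismatch once. The SSID "CafeGuest", the BSSIDs, channels and the record field names are assumptions made for the example.

```python
# Constructed beacon records as a Wi-Fi scanner might report them; the field
# names, SSIDs, BSSIDs and channels are assumptions made for this example.
CONSTRUCTED_BEACONS = [
    {"ssid": "CafeGuest", "bssid": "02:aa:bb:cc:dd:01", "channel": 6, "security": "WPA2"},
    {"ssid": "OtherNet", "bssid": "02:55:66:77:88:99", "channel": 1, "security": "WPA2"},
    # Same name as the cafe network, but a different radio and no encryption.
    {"ssid": "CafeGuest", "bssid": "02:de:ad:be:ef:99", "channel": 11, "security": "OPEN"},
    {"ssid": "CafeGuest", "bssid": "02:aa:bb:cc:dd:01", "channel": 6, "security": "WPA2"},
    {"ssid": "CafeGuest", "bssid": "02:de:ad:be:ef:99", "channel": 11, "security": "OPEN"},
]

# What the operator knows about their own network: the radios (BSSIDs) that
# legitimately broadcast each SSID and the security type they advertise.
TRUSTED_PROFILES = {
    "CafeGuest": {"bssids": {"02:aa:bb:cc:dd:01"}, "security": "WPA2"},
}


def detect_evil_twins(beacons, trusted):
    """Report beacons that reuse one of our SSIDs from an unknown BSSID or
    with a different security type. Each BSSID is reported at most once."""
    alerts = []
    flagged = set()
    for b in beacons:
        profile = trusted.get(b["ssid"])
        if profile is None or b["bssid"] in flagged:
            continue   # not one of our SSIDs, or already reported
        reasons = []
        if b["bssid"] not in profile["bssids"]:
            reasons.append("unknown BSSID broadcasting our SSID")
        if b["security"] != profile["security"]:
            reasons.append(f"security mismatch: {b['security']} "
                           f"(expected {profile['security']})")
        if reasons:
            flagged.add(b["bssid"])
            alerts.append({"ssid": b["ssid"], "bssid": b["bssid"],
                           "channel": b["channel"], "reasons": reasons})
    return alerts


if __name__ == "__main__":
    for alert in detect_evil_twins(CONSTRUCTED_BEACONS, TRUSTED_PROFILES):
        print(f"possible evil twin of {alert['ssid']}: {alert['bssid']} "
              f"on channel {alert['channel']}; " + "; ".join(alert["reasons"]))
```

The trusted profile is the whole value of this check: without an inventory of your own BSSIDs, a scanner cannot tell a second legitimate access point from a rogue one. Keep the profile current when hardware is replaced, or the replacement will be flagged.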
What does the hacker do once he gets into the same network as the victim?
- They could compromise all the devices in the network.
- Get credentials stored on devices.
- Hack cameras attached to the network.
- Monitor and tag all the network traffic coming from all the users in the network.
- Mess around with the IoT/smart home devices in the house (these are usually the easiest to hack).
- Disable other security systems if present.
Man-in-the-Middle Attack
One of the most commonly seen attacks is the Man-in-the-Middle (MitM) attack. In this attack the hacker places themselves between the victim and, in this case, the internet gateway (the Wi-Fi router). The hacker does this by impersonating the router to the victim and the victim to the router, so all the data the router sends to the victim passes through the attacker and vice versa, giving the hacker access to everything the victim communicates with the internet without the victim realising it. ARP spoofing is the method by which the hacker does this. ARP (Address Resolution Protocol) is how IP addresses are mapped to the MAC addresses of devices on the network, but these ARP tables are not very secure: nothing in ARP verifies who is answering, so the mappings can be overwritten by anyone on the network. This method can be used to capture the user IDs and passwords the victim entered while the MitM attack was ongoing, enabling the hacker to gain access to potentially sensitive data such as bank login credentials.
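The same property that makes ARP spoofing work, unauthenticated replies that overwrite a table, also makes it detectable: the gateway's IP suddenly answers from a new MAC, an IP's mapping changes mid-session, and one MAC ends up claiming two IPs at once. The following is an added example, not code from the original post: it replays a constructed ARP reply log through a detector that checks those three conditions against a trusted baseline. The addresses, the tuple layout of the log entries and the alert names are assumptions made for the example.

```python
from collections import defaultdict

# Trusted baseline: IP -> MAC pairs recorded while the network was known to
# be clean (at minimum, the router). Addresses are assumptions for this example.
GATEWAY_IP = "192.168.1.1"
GATEWAY_MAC = "02:aa:bb:cc:dd:01"
VICTIM_IP = "192.168.1.20"
VICTIM_MAC = "02:11:22:33:44:55"
ATTACKER_MAC = "02:de:ad:be:ef:99"

TRUSTED_BASELINE = {GATEWAY_IP: GATEWAY_MAC}

# Constructed ARP log: (ts, op, sender_ip, sender_mac, target_ip).
CONSTRUCTED_ARP_LOG = [
    (0.0, "reply", GATEWAY_IP, GATEWAY_MAC, VICTIM_IP),
    (1.0, "reply", VICTIM_IP, VICTIM_MAC, GATEWAY_IP),
    # A third host now claims the gateway's IP towards the victim...
    (5.0, "reply", GATEWAY_IP, ATTACKER_MAC, VICTIM_IP),
    # ...and the victim's IP towards the gateway, the two halves of a MitM.
    (5.0, "reply", VICTIM_IP, ATTACKER_MAC, GATEWAY_IP),
    (6.0, "reply", GATEWAY_IP, ATTACKER_MAC, VICTIM_IP),
]


def detect_arp_spoofing(entries, trusted):
    """Return alerts for three ARP anomalies:
      - trusted_mismatch: a baseline IP answered with a different MAC
      - mapping_changed:  an IP's MAC changed from what was first seen
      - multiple_ips:     one MAC claims more than one IP
    Each (kind, ip, mac) combination is reported once."""
    first_seen = {}                 # ip -> mac observed first
    ips_per_mac = defaultdict(set)  # mac -> ips it has claimed
    reported = set()
    alerts = []

    def report(kind, ip, mac, ts):
        key = (kind, ip, mac)
        if key not in reported:
            reported.add(key)
            alerts.append({"kind": kind, "ip": ip, "mac": mac, "ts": ts})

    for ts, op, sender_ip, sender_mac, _target_ip in entries:
        if op != "reply":
            continue
        if sender_ip in trusted and trusted[sender_ip] != sender_mac:
            report("trusted_mismatch", sender_ip, sender_mac, ts)
        elif sender_ip in first_seen and first_seen[sender_ip] != sender_mac:
            report("mapping_changed", sender_ip, sender_mac, ts)
        first_seen.setdefault(sender_ip, sender_mac)
        ips_per_mac[sender_mac].add(sender_ip)
        if len(ips_per_mac[sender_mac]) > 1:
            report("multiple_ips", None, sender_mac, ts)
    return alerts


if __name__ == "__main__":
    for a in detect_arp_spoofing(CONSTRUCTED_ARP_LOG, TRUSTED_BASELINE):
        print(f"t={a['ts']:.1f} {a['kind']}: ip={a['ip']} mac={a['mac']}")
```

The baseline check is the one worth deploying first: the gateway's MAC rarely changes, so any reply claiming its IP from another hardware address is a strong signal. The other two checks are noisier on networks where DHCP reassigns addresses or where a host has several interfaces, so treat them as corroboration rather than as alarms on their own.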
Conclusion
Wi-Fi networks are inherently flawed in terms of security. As daily users of Wi-Fi networks, it is critical for us to take appropriate measures to secure them. As we have seen, hackers can exploit vulnerabilities in encryption protocols, brute-force or dictionary-attack passwords, and use various other techniques to intercept and manipulate network traffic.
Following are the best practices for normal users to keep themselves secure from these threats:
- Use a strong alphanumeric password with special characters for the Wi-Fi network
- Don't use Wi-Fi networks with WEP encryption
- If the modem supports WPS, either disable it altogether or enable push-button authentication
- Keep firmware up to date
- Avoid connecting to public Wi-Fi; when you must, use a VPN
- Avoid entering passwords and other sensitive data on websites that don't show the lock sign in the address bar (HTTPS/SSL)
- Rotate passwords regularly
- Don't save passwords in browsers or as plain text on the devices you use.
- Use the single-click Google/Facebook sign-up (SSO) on websites that offer it
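The first item in the list, and the WPS section earlier, both come down to the size of the space an attacker has to search. The following is an added example, not code from the original post: it checks a WPA/WPA2 passphrase against a simple policy (length, character classes, a digits-only test and a common-password list) and reports the worst-case keyspace, so the difference between an 8-digit PIN and a 12-character mixed passphrase can be seen as numbers. The policy thresholds, the guess rate passed to hours_to_exhaust and the tiny common-password set are assumptions made for the example; the 8-to-63-character limit is the WPA/WPA2 passphrase rule itself.

```python
import string

# Constructed stand-in for the large common-password lists the text mentions;
# a real check would consult a full breach list.
COMMON_PASSPHRASES = {"password", "12345678", "qwerty123", "iloveyou", "admin1234"}

CHARACTER_CLASSES = {
    "lower": set(string.ascii_lowercase),   # 26 characters
    "upper": set(string.ascii_uppercase),   # 26
    "digit": set(string.digits),            # 10
    "symbol": set(string.punctuation),      # 32
}


def keyspace_size(length, alphabet_size):
    """Number of candidates a brute-force search must cover at worst."""
    return alphabet_size ** length


def hours_to_exhaust(keyspace, guesses_per_second):
    """Worst-case time to try every candidate at a given guess rate.
    The rate is a parameter, since it depends entirely on the attacker's
    hardware; pass an assumed figure rather than trusting a constant here."""
    return keyspace / guesses_per_second / 3600.0


def check_wifi_passphrase(passphrase, min_length=12, min_classes=3):
    """Apply a simple policy and report the worst-case keyspace an attacker
    would face for a passphrase of this length and character mix."""
    problems = []
    if not 8 <= len(passphrase) <= 63:
        problems.append("WPA/WPA2 passphrases must be 8 to 63 characters")
    if len(passphrase) < min_length:
        problems.append(f"shorter than {min_length} characters")
    used = {name for name, chars in CHARACTER_CLASSES.items()
            if any(c in chars for c in passphrase)}
    if len(used) < min_classes:
        problems.append(f"uses {len(used)} character class(es); need {min_classes}")
    if passphrase.isdigit():
        problems.append("digits only")
    if passphrase.lower() in COMMON_PASSPHRASES:
        problems.append("appears in a common-password list")
    alphabet = sum(len(CHARACTER_CLASSES[name]) for name in used)
    return {
        "ok": not problems,
        "problems": problems,
        "classes": sorted(used),
        "alphabet_size": alphabet,
        "keyspace": keyspace_size(len(passphrase), alphabet) if alphabet else 0,
    }


if __name__ == "__main__":
    assumed_rate = 1e6   # guesses per second; an assumption for illustration
    print("8-digit PIN keyspace:", keyspace_size(8, 10),
          f"({hours_to_exhaust(keyspace_size(8, 10), assumed_rate):.3f} h at {assumed_rate:.0e}/s)")
    for candidate in ("12345678", "Tq7!mV2#pLr9"):
        result = check_wifi_passphrase(candidate)
        print(candidate, "ok" if result["ok"] else result["problems"],
              "keyspace:", result["keyspace"])
```

An 8-digit PIN gives 10^8 candidates; a 12-character passphrase drawn from all four classes gives 94^12, which is more than 4 x 10^23. The keyspace figure is a ceiling, not a guarantee: a dictionary word with a digit appended sits in a far smaller space than its character mix suggests, which is why the common-password check matters as much as the length rule.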
For advanced users that really want to go the extra mile:
- Buy WPA3-capable Wi-Fi modems
- Use high-end LAN switches that support VLANs to create separate sub-networks for different devices. For example, IoT devices, which are the least secure of the lot, can go into one VLAN; the laptops, PCs and mobiles where we enter sensitive data can go into another; and a third VLAN can be created for the guest network, which will have the fewest privileges
- Prefer a wired connection through a switch whenever possible
- Buy Wi-Fi modems with AI security built in