Wireless Security | Set 1

Wireless Network provides various comforts to end users, but actually, they are very complex in their operation. Many protocols and technologies are working behind the scenes to provide a stable connection to users. Data packets traveling through a wire provide a sense of security to users, as data traveling through a wire is probably not heard by eavesdroppers. To secure the wireless connection, we should focus on the following areas

• Authentication: Identify the endpoint of the wireless network and end-users
• Privacy: Protecting wireless data packets from a middleman.
• Integrity: Keeping the wireless data packets intact

Wireless clients connect to Access Points (APs) and exchange data over the air. As long as devices comply with the 802.11 standards, they can coexist on the network. However, not all devices are trustworthy; some rogue devices may pose serious threats to wireless security. Such devices can steal sensitive data or disrupt network availability. To safeguard against these risks, wireless security is enforced through various methods, including authentication, encryption, and access control.

• Authentication
• Privacy and Integrity

Types of Authentication

There are broadly two types of Authentication processes: Wired Equivalent Privacy (WEP) and Extensible Authentication Protocol (802.1x/EAP). These are explained as follows.

1. Wired Equivalent Privacy (WEP) :

In wireless communication, open authentication offers no security. WEP uses the RC4 cipher to encrypt and decrypt data with a shared WEP key, which can serve as both authentication and encryption. A client can connect to an AP only if it has the correct key. The AP verifies this by sending a challenge phrase; if the client encrypts it correctly, access is granted.

2. Extensible Authentication Protocol (802.1x/EAP) :

EAP is a flexible authentication framework used in wireless networks and Point-to-Point connections. It allows different authentication methods (passwords, digital certificates, smart cards, tokens, biometrics, etc.) instead of being limited to one fixed method. 802.1X is a port-based access control standard that uses EAP for authentication. It involves three key components:

1. Supplicant - Device requesting access.
2. Authenticator - Device that provides access to network usually a Wlan controller (WLC).
3. Authentication Server - Device that takes client credentials and deny or grant access.

EAP is further of four types with some amendments over each other -

• LEAP
• EAP-FAST
• PEAP
• EAP-TLS

Why Wi-Fi Security Matters

Wi-Fi has become the backbone of modern communication, powering everything from personal smartphones to enterprise systems. But because it uses wireless radio waves, it’s much easier for attackers to intercept or manipulate data compared to wired connections. Here’s why securing it is essential:

• Protects data confidentiality: Prevents hackers from reading sensitive information (passwords, banking details, messages).
• Prevents unauthorized access: Only trusted users should be able to connect to your Wi-Fi.
• Ensures integrity: Integrity ensures data isn’t tampered with while in transit
• Protects devices and networks: Strong Wi-Fi security safeguards not just the network but all devices connected to it

Common real-world breaches due to weak Wi-Fi security

Most breaches occurred due to weak encryption (like WEP), open Wi-Fi, poor authentication, or outdated protocols (WPA2). Here is a list of common real-world breaches caused by weak Wi-Fi security:

1. TJX Companies Breach (2007 – Retail Chains like TJ Maxx)

In 2007, TJX Companies suffered a massive breach because their Wi-Fi used weak WEP encryption. Hackers cracked the key, intercepted payment traffic, and stole over 45 million credit card details. This cost the company about $250 million. It is caused by using outdated Wi-Fi security like WEP makes it easy for hackers to steal sensitive data. Always use stronger encryption (like WPA3).

2. Marriott Hotels Data Breach (2014–2018)

In the Marriott Hotels breach (2014–2018), attackers took advantage of poorly secured Wi-Fi and vendor systems. Through these weak points, they gained access to Marriott’s internal networks and stayed undetected for years. This led to the theft of 500 million guest records, including personal details, credit card numbers, and even passport data. It is done due to Weak Wi-Fi security can open the door for attackers to steal massive amounts of sensitive customer data.

3. Manchester United Cyberattack (2020)

Hackers exploited weak Wi-Fi and remote network settings at Manchester United. This attack disrupted the club’s critical IT and communication systems, forcing parts of the network offline. The club suffered major financial losses and reputational damage as a result, Weak Wi-Fi or remote access settings can let attackers shut down essential systems and cause huge business losses.

4. Public Wi-Fi Attacks (Ongoing – Coffee Shops, Airports, Hotels)

Public Wi-Fi networks are often open and unsecured, meaning they have no encryption. Hackers exploit this by launching Man-in-the-Middle (MITM) attacks to steal logins, inject malware, and capture private data. This results in identity theft and financial fraud, affecting thousands of users every day.

5. KRACK Attack (2017 – WPA2 Flaw)

The KRACK attack exploited a flaw in the WPA2 handshake process, which allowed hackers to intercept and even alter Wi-Fi traffic that was thought to be secure. This vulnerability affected almost all Wi-Fi devices worldwide until security patches were released.

Why LAN is More Secure than Wi-Fi

LAN is used over Wi-Fi because it is faster, more stable, more secure, and better for high-performance tasks. Wi-Fi is convenient for mobility, but LAN is preferred when performance and security matter.

Physical Access Required

• In a LAN (wired network), an attacker must physically plug into the cable or switch to access the network.
• In Wi-Fi, attackers only need to be within range of the signal to attempt hacks (like sniffing, MITM, or cracking passwords).

Lower Risk of Eavesdropping

• LAN traffic stays within cables, making it hard for outsiders to “listen in.”
• Wi-Fi transmits data over the air, which can be intercepted if encryption (WPA2/WPA3) is weak or misconfigured.

Resistance to Rogue Devices

• LAN requires physical access, so it’s easier to control and monitor connected devices.
• Wi-Fi is more vulnerable to rogue access points (Evil Twin attacks), where hackers trick users into connecting to fake Wi-Fi.

Better Control & Monitoring

• Wired LANs usually exist in restricted environments (offices, data centers) where access can be physically locked down.
• Wi-Fi signals extend beyond walls, making it harder to restrict who can attempt to connect.