As wireless networks and smartphones have become ubiquitous, wireless networks have become a prime target for cybercriminals. While the goal of a wireless network is to provide easy access to users, it can also serve as an open door for attackers. Unfortunately, many wireless routers are rarely, if ever, updated, leaving them vulnerable to known exploits.
There are several types of attacks that are specific for wireless networks including:
Wireless Access Control Attacks. Such attacks aim to penetrate a network by evading WLAN access control measures such as AP MAC filters and Wi-Fi port access controls. The attacks can take place through anything from rouge access points, MAC spoofing, ad-hoc associations, promiscuous clients, etc.
Wireless Integrity Attacks. In integrity attacks, the attacker sends forged control, data, and management frames over the wireless network to misdirect the wireless devices to perform DOS attack. This can happen through a range of methods such as data frame injections, WEP injections, data replay, etc.
Wireless Confidentiality Attacks. Confidentiality attacks attempts to intercept confidential information sent over the wireless associations, whether sent in clear text or encrypted by Wi-Fi protocols. This can be caused through eavesdropping, session hijacking, honey-pot access points, masquerading, evil twin access points, cracking WEP key or traffic analysis.
Wireless Availability Attacks. Such attacks aim to prevent legitimate users from accessing resources in a wireless network via various methods including beacon flood, authentication flood, routing attacks, etc.
Wireless Authentication Attacks. The objective of this kind of attacks is to steal the identity of Wi-Fi clients, their personal information, login credentials, etc. to gain unauthorized access to network resources which can happen over time through various methods including application login theft, PSK cracking, domain login cracking, VPN login cracking, etc.
To prevent such attacks from happening, wireless security audits are assessments conducted on wireless networks to identify vulnerabilities and risks to the confidentiality, integrity, and availability of wireless data and systems. The primary goal is to identify potential security threats and weaknesses in the wireless network infrastructure, access points, and wireless devices that could be exploited by attackers.
Our audit involves a comprehensive evaluation of the wireless network architecture, including wireless access points, routers, switches, and other components, to identify vulnerabilities in the configuration, deployment, and management of these devices. This also includes examining the security policies, access controls, encryption protocols, and authentication mechanisms in place to protect the wireless network.