Summers are usually the hottest time of the year. This summer was hot in a special sense.
Since its first day, splone has had a strong partnership with Assecor. Assecor's key services comprise IT consultancy and software development, and both go hand in hand with security. As a consequence, it's been years since our first collaboration. And since splone and Assecor have written a lot of success stories, the next logical step is to tighten the bond between both companies.
Since this summer, splone has been part of the Assecor family.
Last time we presented the main characteristics of the 802.11 standard, often simply referred to as Wi-Fi. This time we want to discuss specific security weaknesses and problems of Wi-Fi networks by presenting typical attack scenarios. This background knowledge will be useful when we talk about the security of industrial WLAN in our following blog posts.
We categorize the attacks into three types. First, there are attacks on the encryption; these are arguably the ones that get the most media attention whenever a major issue is found. The second type comprises all kinds of Machine-in-the-Middle attacks, which aim at obtaining information or manipulating traffic by impersonating a legitimate Access Point. The third type comprises availability attacks, whose effects range from annoying to disastrous depending on how important the connection to the network is.
Attacks on Encryption
A great deal of research has been done on attacks on the encryption of 802.11 networks. When the standard was introduced in 1997, the Wired Equivalent Privacy (WEP) method was proposed to protect wireless communication. As the name suggests, the aim was to provide protection similar to that of a cable, whose physical barrier hinders the interception of data. Despite these precautions, WEP and the following standards Wi-Fi Protected Access (WPA) and WPA2 were successfully attacked in one way or another.
The very first proposed encryption method (WEP) contained some serious flaws, which were found within a few years. As the encryption scheme was inherently broken, it was not possible to fix these issues. Thus, the Wi-Fi Alliance introduced a completely new method in 2002 – the first WPA protocol. It was meant to be a temporary solution that works on older hardware. While releasing WPA, the Wi-Fi Alliance simultaneously worked on a follow-up standard (WPA2), which was released in 2004 to provide reliable encryption for wireless networks.
WPA2 — properly configured — is still considered generally secure. Even the KRACK attack which received much media attention in …