We discuss the following topics in this blog:
- What can we do to Protect our Network and Data From Predators?
- What are FragAttacks?
In addition to these topics, we shall also be answering the following FAQs:
- What is WiFi?
- What is IoT?
The modern world we live in is highly dependent on technology and equipment for our comfort and convenience. But, like all others, this also is a double-sided coin with concerns of security and privacy looming upon us. With everyone wanting high speed and easy to access the internet, we have WiFi networks everywhere. However, while we go on using these for our everyday lives, it is important to question how secure is our home WiFi router?
What can we do to Protect our Network and Data From Predators?
It is important to know that WiFi encryption has been attacked in the recent past for the weaknesses within WPA2. The WPA2 is what protects all the modern-day WiFi networks and makes them safe to work with. The weaknesses are often exploited by hackers by making use of the Key Reinstallation Attacks, also referred to as KRACKs.
This allows the attackers to gain access to the information that you would consider to be safe and secure. The information could include passwords, photos, credit card details, emails, etc. According to research, it was found that the main issue lies with the standard WiFi itself and not the models or products. It was also noted that Apple, Android, Windows, and Linux were all affected equally by the attack variants.
What are FragAttacks?
In another research conducted in May 2021 to study this further, there were a collection of flaws that were found within the WiFi protocols. This group of flaws is categorized under the term ‘FragAttacks’: a combination of fragmentation and aggregation and is related to the way WiFi handles the huge amount of data.
Known to be quite harmful in nature, FragAttacks give the attackers the ability to access the WiFi radio range of a device to collect the information of its owner and insert some malware that would compromise the device and its functioning. This is possible even for those devices that are protected by WiFi security protocol like WEP, WPA2 or WPA3. While most of the vulnerabilities that FragAttacks take advantage of are related to how manufacturers of WiFi devices implement the technology, some of these also have to do with the flaws in the design of the WiFi standard itself.
FragAttacks contains a total of 12 different vulnerabilities, and each of these works in a different way. These vulnerabilities have been assigned a Common Vulnerabilities and Exposures (CVE) identifier. They can be bifurcated into two major categories: Implementation Vulnerabilities and Design Vulnerabilities.
Having made significant advancements in technology and gotten access to improved versions of WiFi security, it does come as a surprise that the vulnerabilities in the system still exist. The latest security systems went through a number of improvements which were supposed to make WiFi safe to a large extent. However, the parts of WiFi that were not widely studied have shown to have design flaws that make it unsafe.
WiFi flaws are used by attackers to steal personal information or attack the device that is connected to your home network. An example of the first situation would be where an attacker targets the design flaw which allows them to set up a fake website by replicating an authentic website. This would give the attacker access to your username and password.
The second type of attack mentioned above is related to FragAttacks. Smart home devices and IoT devices are often left without updates. This results in lack of security and leaves a secure WiFi connection as the only line of defence. But it is important to note that this defence is not enough given the implementation vulnerabilities discussed above. An outdated device and system can be easily hacked into and taken control by the attacker.
So as we continue to get more connected, know that the existence of malicious users will rise as well. This is one of the major reasons why experts recommend using security patches to avoid all possible risks and threats. Many vendors have released software and patches for a range of products that would help cover the gaps. Besides this, updating devices and the WiFi infrastructure will also go a long way in strengthening your wall of defence against possible attacks.
What is WiFi?
Put simply, WiFi is a technology that uses radio waves to create a wireless network through which devices like mobile phones, computers, printers, etc., connect to the internet. A wireless router is needed to establish a WiFi hotspot that people in its vicinity may use to access internet services. You’re sure to have encountered such a WiFi hotspot in houses, offices, restaurants, etc.
To get a little more technical, WiFi works by enabling a Wireless Local Area Network or WLAN that allows devices connected to it to exchange signals with the internet via a router. The frequencies of these signals are either 2.4 GHz or 5 GHz bandwidths. These frequencies are much higher than those transmitted to or by radios, mobile phones, and televisions since WiFi signals need to carry significantly higher amounts of data. The networking standards are variants of 802.11, of which there are several (802.11a, 802.11b, 801.11g, etc.).
What is IoT?
IoT or Internet of Things refers to a network of physical devices (embedded with intelligence and technologies) connected to the internet to share and collect information. The term Internet of Things was first coined by British technology pioneer Kevin Aston in 1999. The rise to IoT has been mainlyImagee to the following reasons: access to low-cost, low-power sensor technology; ubiquitous connectivity, Cloud computing platforms, Machine learning & analytics, and Conversational artificial intelligence (AI).
In a typical IoT environment, data is collected via smart sensors (like GPS, Accelerometer, Camera, temperature sensor, etc.), i.e., it could be as simple as taking temperature data from the surrounding. Next, the data is sent to the cloud. The sensors could be connected to the cloud via Satellite/ WiFi/ Bluetooth/ Cellular/Ethernet. As the data reaches the cloud, it undergoes data processing and analytics. Once the data is aligned to the specific use case, it can be sent to the user device of choice, laptop/computer via email/text/notification, etc. When IoT devices talk to each other, they can use various standards and protocols, for example, WiFi, Bluetooth, ZigBee, Message Queuing Telemetry Transport (MQTT), etc.
With the potential of converting any physical device into an IoT-powered device and negate the need for human intervention, the technology is set to transform across every possible sector. The major industries that will benefit from IoT will be:
a) Manufacturing (Quality Control, Predictive Maintenance, Smart Packaging, etc.
b) Automotive (Fleet & Driver Management, Real-Time Vehicle Telematics, IoT based Predictive, In-vehicle Infotainment maintenance, etc.)
c) Transporation and Logistics (Inventory tracking and warehousing, Location management systems, Drone-based delivery, etc.)
d) Retail (Automated Checkout, In-store Layout Optimization, Robot Employees, etc.)
e) Finance (Auto Insurance, IoT enabled Smart Payment Contracts, Account Management)
f) Healthcare (Remote patient monitoring, robotic surgeries, Ingestible sensors, etc.)
g) Public Sector ( Infrastructure management, Disaster management, Law enforcement)