The Korean Register issued its cybersecurity newsletter focusing on cyber security issues which play a major role in the shipping industry, affecting operations and seafarers. KR presents the example of wireless LANs, which are vulnerable to different attack methods than wired LANs.
#1 wiretapping
It is stated that the most fundamental problem of a WLAN is “wiretapping”, also known as eavesdropping. Wiretapping means that an unauthorized person can listen to internet traffic.
#2 denial of service attacks
A denial of service attack sends a large volume of wireless packets to wireless AP devices that provide wireless services and can disable wireless LANs.
#3 Rouge AP
An attacker illegally installs a wireless AP to collect data from WLAN users and finding the exact location of an illegal AP is very difficult.
#4 Weak wireless encryption method
WEP (Wired Equivalency Protocol) is an older and more vulnerable wireless data encryption method. The use of short initial vector (IV) value and incomplete RC4 algorithm makes it an ineffective method of encryption.
#5 Unauthorized access
A WLAN can be accessed if there is no authentication procedure. Unauthorized access can involve someone obtaining the Service Set Identifier (SSID) value and setting the acquired SSID value in the wireless terminal.
Steps to be taken to deal with the threat of WiFi wiretapping
- Access restriction through the Service Set Identifier (SSID) setting
SSID is the technical term used for a network’s name. A user who wants to access a WLAN service must identify a WLAN service nearby. If the user does not know the SSID, they will not be able to find a WLAN service to connect to.
When setting up the SSID, an administrator may choose not to broadcast the SSID (name of network), which will stop potential attackers from being able to eavesdrop. Access by authorized users will just be a case of the administrator disclosing the SSID to the user.
- Access restriction through Media Access Control (MAC) address authentication
Eavesdropping by attackers can be avoided by restricting MAC address authentication to a wireless AP or router.
A MAC address is an exclusive number that is assigned to a computer or router and allows an AP to connect to a network. An administrator can grant access to computers that have an authorized MAC address and it can be applied on the switch or the AP itself. However, this method can increase the load on routers or switches, so there are relatively few examples of it being applied to a router. Attackers may also cause a security breach through MAC Spoofing. Spoofing happens when attackers change their computer’s MAC address to one that has been authorized for another device (identity theft).
