WiFi Eavesdropping: Attack Overview and Challenegs

Wifi Eavesdropping

Abstract – Below report describes about Wi-Fi eavesdropping, then an explanation on how it works and then further tells about its latest and most famous attacks in the world. In addition to this, report also highlights on the issues, about whom we should be worried about as they can easily affect our servers or the database or our laptops or may harm the users also. As nowadays in today’s world everyone has started using Wi-Fi, because of the convenience it provides and thus creating an easy prey for the attackers. 

Keywords – threats, servers, databases, laptops, users

I.     Introduction

In simple words, eavesdropping means spying on somebody’s personal information without there permission. It’s an attack that takes place over the internet, where the signal gets obstructed by an attacker in an unauthorized illegal way. In this attack the data is not at all tampered, but it gets easily accessible to the attackers.

Eavesdropping can take place in two ways either through the wires or through the wireless medium. Use of wire for eavesdropping is tough as it involves the usage of network test access point or a hardware device that helps in accessing data packets flowing over the internet. So sometimes this way seems to be very risk and cannot be done until attacker gets in contact with wire of that network, and thus making it impossible also.

So now when spying is done using the wireless medium, it becomes easy as the chances of getting caught are less as compared to the wired attack. The eavesdropper just needs to have Wi-Fi adapter working in un-restricted mode in the computer, which makes an easy path for a network device to obstruct and listen to each data packet including the ones which have different address, but they needs to be in the Wi-Fi range and along with this a software is required that supports eavesdropping through the wireless device, i.e. Wi-Fi. This Wireless Fidelity comes from the 802.11, which is a family of specifications for many evolving wireless local area networks. [1]

Penetrating devices for example the VoIP phone, can be done easily by activating the speaker functionality remotely for spying on the owner. Laptops and cell phones, which have microphones in it, can be hacked remotely with the activation of there microphones and then separately sending data packets to the eavesdropper.

Eavesdropping works well when the data captured has been encrypted by a known encryption method otherwise it becomes less useful and even worthless also.

Use of some physical tools and computer programs makes spying easy for the eavesdropper.

Many physical tools which provides the facility of un-restricted mode, for example Prisme2 adapter, simplifies the eavesdropping using antennas, which are of very high-power capabilities, helps in obstructing the data miles away without any disturbances.

Figure1.  Customized Prism2 card [2]

Figure 2. Wireless Antenna [3]

Computer programs can be easily found on the internet in less price and sometimes these tools come free of cost also. Few examples of such software tools for Wi-Fi are Commview, Wildpackets Network monitor, Kisemet, Wireshark, Wireless monitor, Aircrack-ng, Hitchhiker, Javvin packet analyzer and Network Stumbler Wireless Packet Sniffer.

Data, visual images and audio communications can be intercepted by an electronic device which is known as eavesdropping equipment. Such as, any file downloads, description of pages in a website and last being the mails which are sent and received over the network.

If someone wants to record his own conversation with some other person, then its legal to use eavesdropping tool otherwise its illegal and crime in most of the countries. So before buying such kind of tools, which are sold all over the globe over the internet, one should keep this thing in mind before performing any kind of spying on someone’s personal data. [4]

II.    what can wi-fi eavesdropping do?

A.    Reason behind the fact that attacks over Wi-Fi are easily compromised is:

As the users of Wi-Fi have been continuously increasing day by day all over the world and till now according to the Internet Statistics 2018, the figure is 3.95 billion. Now this open internet facility is mostly unsafe and allow un-authorized person to take advantages of the same. The problem is that very few people understands the risk behind these open networks and the workability of this open network is so easy, that these are available in ready to use in states as soon as the user gets it. Hence both the conditions help eavesdroppers to take advantages of these open networks.

The technique of tracking and use of Wi-Fi access points during motion is knowns as Wardriving. So, this technique helps the attackers to receive data packets that have been transmitted through the Wi-Fi signals.

B.    What it can reveal?

Through Wi-Fi eavesdropping, one can capture passwords or card details or the data which user gives on the websites, specially those websites gets compromised who does not have Secure Socket Layers for encryption such as Internet Message Access Protocol/Post Office Protocol version 3 for e-mails and then the File Transfer Protocol for files. Eavesdroppers can also hack user’s login details to decoded websites such as Twitter and Facebook. Attackers can also retrieve files even when the user works in a private area network. [5]

Banking sites are also prone to the Secure Socket Layers vulnerabilities. Some of the famous targets made by an eavesdropper are:

1.       Emails
2.       Passwords
3.       Documents
4.       Browsing history
5.       Login details
6.       FTP login details
7.       FTP documents
8.       Chat details
9.       Digital communication files
10.    Web addresses
11.    Virtual Network Computing sessions
12.    Information about encrypted transfers
13.    Every transmitted file
14.    Details of Voice Over Internet Protocol
15.    Every encrypted site. [6]

Eavesdroppers are very skilled in finding and exploiting vulnerabilities over the Wi-Fi. Sometimes they can easily cross the security process and can have command over user’s network. Once user’s network has been accessed then they can perform various illegal actions such as copyrighted material gets compromised along with the secured contents. The most dangerous step they can perform is access of user’s sensitive information and then demands a very big ransom. Hence, a lot of things can be at risk through Wi-Fi eavesdropping. With the use of correct tool, a beginner can also access user’s data easily.

III.   recent high-profile attacks

A.    Attack on City’s Public Wi-Fi network:

An Israeli, in 2016, hacked the entire city’s open Wi-fi network such that he was able to access personal data of thousands of people. Amihai Neiderman, wanted to know that how much is the open networks secure? So, on his way back to home he connected to Wi-Fi and noted his internet protocol address. This was the public IP address, through which all Wi-Fi clients uses internet with the help of a router.

He discontinued the use of Wi-fi and started checking for any open ports availability and finds out that Wi-Fi was working on port 443. Then he checked thoroughly for any vulnerabilities and found one as buffer overflow. Now this vulnerability was something that he could use it easily for hacking the whole Wi-fi networks of a city. [7]

So, one can easily hijack a City’s Wi-Fi, being Public in nature.

B.    Threat in Air:

Again in 2016, Steven Petrow, USA’s Technology writer, was travelling in American Airlines flight and started using Wi-Fi, believing that it would be safe but then as soon as he reached terminal, he got to know that his files were hacked by a person who was travelling in the same flight with him. Steven was writing an article on the issues between FBI and Apple.

The amazing part of this attack was Steven did not know the reason behind this attack would be one of the outcomes of his story if Apple agrees to the FBI’s terms and hence the reason was, eavesdropper wanted to tell Steven of what it feels when someone accesses personal data without any authorization. [7]

C.    Attack through Internet of Things:

In July 2016, another attack came in limelight, which involved usage of all small appliances such as cell phones, dashboard cameras, irons and toasters, which were having the functionality of Wi-Fi and it was noticed that these appliances were incorporated with Wi-Fi chips which were spreading the malware.

China was responsible for this malware spread and Russians were the first who got to know about this through the variation in physical weight instead of its electronic usage. The chips were manufactured in such a way that they were able to detect Wi-Fi signals even from 200 meters and then started infecting other computers, accessing the confidential information or may even use the network for shooting the Denial of Services attack.

Everything was affected over the network with just the use of Irons or toasters or cellphones!

D.   Attacks due to the usage of default confidential data:

Another attack from the year 2016 happened when the default passwords of 55,000 wireless routers were compromised in United Kingdom. Due to the bad habit of users of not changing the default passwords have let eavesdroppers to access there data easily. Till now due to this mistake of users, countless attacks have been made.

E.    Attacks on Hotel’s Wi-Fi network:

 Nowadays, more than half of the hotels provides free Wi-Fi access along with the other hospitality services. But not many have idea that by providing an open network they are creating risks for all the people of a hotel. The Wi-fi of a hotel can be obstructed easily and thus disclosing all the people of a hotel to various cybercrimes.

A famous group of eavesdroppers also known as DarkHotel, executed attacks in Asia, in 2014 on many high-profile people who were living in lavish hotels. This attack was discovered by Kaspersky Lab. The attackers accessed everyone’s personal information so well that they even managed to wipe there traces of crime and no body could even found out that what was happened.

A senior Hamas authority was slaughtered in 2011, in Dubai, in a hotel because of the electronic key, which was disturbed by the eavesdroppers. So, it’s just not the sensitive personal information that can be accessed but sometimes may also lead to dangerous crimes. [8]

IV.   What we should be worried about?

Every device connected to an unsecured Wi-Fi network is at high risk and is need to be worried about. For example, if a security camera is connected to Wi-Fi network which is not secured enough, hackers can get access to the surveillance videos. So, now let’s look at few areas where we need to double check the security:

A.    Servers:

1. Packet Sniffer:

Eavesdroppers uses Packet Sniffer, to capture the traffic over the network, specially when a person wants to see his/her emails, at this duration attacker can easily see the session details of the user and uses the same details for logging into mail server. The problem is that the mail servers does not have security such that any data passed through this server is not encrypted and the reason behind this is the Wi-fi does not have anything encrypted over its network and hence every data packet transmitted is in clear text.

Through packet sniffing, wi-fi data is easily understandable and there are several other tools available free of cost which provides the same sniffing data. Eavesdroppers can also check online banking information or even some other confidential data, if this is done then it could be dangerous for every user surfing the net with the use of servers.

2.            Evil Twin:

Attackers can easily create the same wi-fi network name and thus making people think that this fraud network is the same as the original one. Due to the fast pace of technology, there are tools available in market, which can easily catch wi-fi signals, those who wants to connect to the fake network built. Once the connection is built between the user and fraud wi-fi router then dynamic host control protocol and domain name system helps the attackers to deviate the network through there systems, such that local mails, web and servers related to file transfers then runs the Man in the middle attacks. [9]

B.    Database:

 One of the secretive attacks on database was made Google, it was then in 2010 that German officials got to know that Google was spying on millions of data packets through open wi-fi networks and that too of more than 12 countries for a duration of three years. Google was collecting information through its Street view cars. So, it’s just not the one company that uses database of wireless open networks and there location but even other companies also uses the same for monitoring the location of physical devices.

Google then told that the case was “without merit,” and they have stopped spying through the wireless connections. [10]

C.    Laptops:

Honeypot attack: This attack is similar to the Evil Twin attack, where the eavesdroppers create a fraudulent similar access point to that of an original wi-fi access point and then as soon as the user gets caught in the prey, they start accessing there sensitive personal information. There are several tools available in the market such as Hot spotter, which easily helps in creation of fake access points.

In a latest research, it was observed that the percentage of laptops were 56, who were displaying there wi-fi networks, which they believed to be very safe and then the percentage of them who said yes for an unsafe connection was 34. [11]

This free label is very dangerous, and people become happy as soon as they see an open wi-fi connection without even thinking about the risks that comes in open fake access points. For example, it happens in every Airport around the globe that a lot of people are waiting for there flights and meanwhile they think of using the free wi-fi to pass there time. Some people might do bank transactions at the airport and thus any eavesdropper can hijack there bank credentials using the Evil twin attack.

It is very difficult to distinguish between the safe and unsafe access points. Wi-fi eavesdropping can be done anywhere on any laptop. Many broadband companies do not take responsibility of users if they do not change there default passwords in the laptops and hence this could lead to all the files exposure along with the services also.

D.   Users:

1. Fetching of Login details:

After discussing the risk of using fake access points, we should not neglect the fact even the real wi-fi network can be hijacked by the eavesdroppers for the retrieval of login credentials. As discussed earlier problem with the wi-fi network is that packets are transferred in plain text rather than in encryption formats.

From 2016 research it was noted that the percentage of people logging into there personal mail accounts was 58, then the percentage for watching videos or images or any social entertainment related media was 56 and then the percentage of banking or any financial logging made was 22.

Thus, we can interpret from the research that there was a lot of data that eavesdroppers would easily access. They just need to use the captured credentials for the direct access of user’s personal data or they may even further send user’s details to other parties and hence damaging the identity over a wider area. [12]

2.            Viral Infection:

Viruses and Malwares can easily spread over the network and hence all the users connected to same access point gets affected. Eavesdroppers can have bots configured for building the environment of Denial of service or Distributed denial of service attacks for the targeted device or network.

Now this one-shot attack on several users can also lead to spread of ransomware.

conclusion

After knowing all the risks that open wi-fi possess, we should be very careful while using the free access points. Some best ways to prevent wi-fi eavesdropping is by using the Virtual private network or at least the networking sites which a user uses should have Secure socket layer security.

References

[1]      https://ieeexplore.ieee.org/abstract/document/4085590www.london-wifi.com

[2]      http://web2.uwindsor.ca/courses/cs/aggarwal/cs60564/Assignments2Project1/FadiFarhatAssignment2.dochttp://www.tscmvideo.com/eavesdropping/eavesdropping-device.html

[3]      http://techgenix.com/protecting-against-wi-fi-eavesdropping/

[4]      https://thevpn.guru/wifi-eavesdropping-hackers-use-unsecured-connection/

[5]      https://www.titanhq.com/biggest-wi-fi-hacks-of-2016-lessons-learnt

[6]      https://resources.infosecinstitute.com/attacks-on-hotel-wi-fi-networks/#gref    

[7]      https://www.esecurityplanet.com/views/article.php/3869221/Top-Ten-WiFi-Security-Threats.htm

[8]      https://www.wired.com/2013/09/google-wi-fi-do-over/

[9]      http://blog.privatewifi.com/how-wifi-hotspot-hacks-occur/

[10]   https://www.finjanmobile.com/the-dangers-of-using-unsecured-wi-fi/