Rogue access points are installed on networks without authorization. They can masquerade as legitimate access points to trick users into associating with them. They can be used to conduct man-in-the-middle (MitM) attacks, for example by deauthenticating users from the legitimate access point or, in an evil twin attack, posing as a legitimate access point that offers a more desirable connection.
Wireless signals are susceptible to interference and jamming. Attackers can deny wireless service by jamming Wi-Fi signals. Bluetooth can be used to send unauthorized messages through Bluejacking. Bluesnarfing occurs when an attacker copies information from a mobile device through a malicious Bluetooth connection.
Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA) are security protocols that were designed to secure wireless networks. WEP had no provision for key management and so it was vulnerable to attack. To address this and replace WEP, WPA and then WPA2 were developed as improved wireless security protocols.
To enhance wireless security, it is important to use at least WPA2 encryption. Access points should be placed outside of the network perimeter, if possible. Use tools like NetStumbler to detect rogue access points. Permit only secure Wi-Fi guest access. Finally, employees should always use remote-access VPNs when connecting to the organization’s network over public Wi-Fi networks.
Application attacks: Cross-site scripting (XSS) is a common web application attack in which malicious code is inserted into a legitimate website. The victim’s browser executes the malicious code, which downloads malware, redirects to a malicious website, or steals information.
Injection attacks involve exploiting systems by inserting malformed data or commands in user input fields. They are especially common against databases. XML and SQL injection attacks corrupt databases or cause sensitive information, such as user credentials, to be revealed. Dynamic link libraries (DLLs) are software modules that are used by applications to interact with Windows. Attackers can inject malicious code into DLLs that will then execute when the DLL is used. LDAP injection attacks exploit input validation to execute queries on LDAP servers, potentially giving attackers access to sensitive account information.
Remote code execution allows a cybercriminal to take advantage of application vulnerabilities to execute commands with the privileges of the user running the application on the target device. Other application attacks are cross-site request forgeries, race condition attacks, improper input-handling attacks, error-handling attacks, and application programming interface (API) attacks. Additional attacks are replay attacks, directory traversal attacks, and resource exhaustion attacks.
To defend against application attacks, the first line of defense is to write solid code. All user input should be validated. Security testing tools should be used to evaluate code as it is developed and prior to deployment. Finally, all software, including operating systems, should be kept up to date.
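As an added illustration of the SQL injection attack described above and the "validate all input" defense (this is example code written for this summary, not from the textbook or any lab), the block below places a login query built by string concatenation beside its parameterized, allowlist-validated form and runs both against a constructed in-memory user table. The table contents, the `valid_username` rule and the crafted input are all constructed for the demonstration.

```python
import re
import sqlite3

USERNAME_RE = re.compile(r"^[A-Za-z0-9_]{1,32}$")  # constructed allowlist rule


def make_db() -> sqlite3.Connection:
    """Constructed sample user store; the values are not real credentials."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct horse', 'admin')")
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> list:
    # Builds the statement by concatenation, so quote characters in user input
    # change the structure of the query instead of being treated as data.
    sql = ("SELECT username, role FROM users WHERE username = '" + username
           + "' AND password = '" + password + "'")
    return conn.execute(sql).fetchall()


def valid_username(username: str) -> bool:
    """Allowlist validation: reject anything that is not a plain identifier."""
    return USERNAME_RE.fullmatch(username) is not None


def login_hardened(conn: sqlite3.Connection, username: str, password: str) -> list:
    # First line of defense: validate input against an allowlist.
    if not valid_username(username):
        return []
    # Second: bind values with placeholders so the driver never parses them as SQL.
    sql = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchall()


def demo() -> dict:
    """Run the same crafted input through both versions and return the rows."""
    conn = make_db()
    crafted = "' OR '1'='1"  # constructed input that closes the quoted literal
    return {
        # Concatenation turns the WHERE clause into (... AND password='') OR '1'='1'
        "vulnerable_bypass": login_vulnerable(conn, "alice", crafted),
        # Parameterized query compares the literal text, so nothing matches
        "hardened_bypass": login_hardened(conn, "alice", crafted),
        # Correct credentials still work through the hardened path
        "hardened_legit": login_hardened(conn, "alice", "correct horse"),
    }
```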
Spam, also known as junk mail, is simply unsolicited email. Spam is usually a nuisance, but it can be malicious. Although spam filters are widely used, it is important that users know how to identify spam.
Phishing and spear phishing are attacks that appear to come from legitimate sources but want you to download files or submit confidential information. Spear phishing attacks are directly targeted at specific individuals. Vishing uses voice messages to attack. Pharming directs users to fake versions of legitimate websites. Whaling is phishing directed at high-profile users like executives, politicians, or celebrities.
To defend against email and browser attacks, organizations should use spam filters, deploy antivirus software, and educate users about network security.
Wow, did you know about all these bad things threat actors can do? I didn’t, but I’m glad I know more about it now. The awareness campaign should help college users recognize threats. I hope it helped you as well. But remember that threat actors constantly try to find a new way to take advantage of you or your company. So, there’s always something new to learn. Is there something else we should include in the awareness campaign? Will you share some of this information with family members or other users on your network? How can you protect yourself, your computer, and your company from these threats?
Practice
The following lab provides practice with the topics introduced in this chapter.