Wi-Fi is the technology that connects our devices to the internet using a router. The router acts as a bridge, linking devices wirelessly to a wired internet connection.
Devices connect to Wi-Fi by selecting a network's unique SSID (Service Set Identifier) and entering the correct password (pre-shared key or PSK). Once connected, each device gets an IP address to enable communication within the network, similar to joining a trusted group.
Most businesses rely on Wi-Fi to provide affordable, flexible Internet access to employees. Instead of wired connections, Wi-Fi creates a network where devices can interact seamlessly. While this enhances efficiency, Wi-Fi broadcasts the network’s SSID, which malicious actors can exploit.
- Evil Twin Attack: The attacker creates a fake access point with a name close to the real one (e.g., "Home_Internet" vs. "Home_Internnet"). Users are disconnected from the legitimate network using de-authentication packets, leading them to connect to the attacker’s stronger signal. Once connected, the attacker can monitor internet traffic.
- Rogue Access Point: This is an unauthorized Wi-Fi network set up by an attacker near the target organization. Devices with auto-connect settings may join it unknowingly, allowing attackers to intercept sensitive communications.
- WPS Attack Wi-Fi Protected Setup (WPS) allows quick connection using an 8-digit PIN, but this convenience makes it vulnerable. Attackers initiate a WPS handshake with the router, extract data, and use brute-force methods to retrieve the PIN and the network’s PSK.
- WPA/WPA2 Cracking Wi-Fi Protected Access (WPA) protocols secure Wi-Fi with strong encryption but depends on a strong password. Attackers can capture the 4-way handshake during a reconnection attempt by sending de-authentication packets to legitimate users. The captured handshake is then brute-forced or subjected to dictionary attacks to crack the password.
