
There are several trends in information security that are gaining in relevance. Three of these trends are:

  • Wireless Security

  • Mobile Security

  • Bring Your Own Device (BYOD)

In this chapter, we discuss Wireless Security and Mobile Security briefly.

Wireless Security

Wireless communications use radio frequency carriers which carry the information. These may be direct communications between two wireless devices or these communications may be routed through a wireless network, such as through intermediate communication devices. Personal computers, laptops, smartphones, mobile phones, and tablets communicate with each other through a wireless network. Modulators, transmitters, wireless networks, receivers, and demodulators ensure that the messages initiated at one place are received and understood at the intended place.

Wireless communication has gained more prominence in the last five to ten years even though it has been in place for more than 100 years. More and more organizations have started using wireless communication as it is easy to set up and removes some of the limitations of the wired communication structure. It does not require extensive cables to be laid through the walls, ceilings, or floors. In many instances, it is also cost effective compared to the cost of a wired structure. Access points can also be moved easily. Systems can be moved from one place within the organization to another and still access the network through wireless access points. Further, wireless communication can be used to complement or extend the wired communication structure.

Wireless is used primarily in organizations and homes as wireless local area networks and is popularly known as Wi-Fi. The base standard or specification for this is IEEE 802.11. Various devices connect to other network resources, including the internet, through wireless access points. Wireless access points connect you to a wired network or directly to the internet. The systems and devices which connect to the wireless access point are known as stations. The stations need Wi-Fi adapters to communicate with the wireless access point. Wireless access is also possible through 3G or 4G USB-based data cards which can be used as a hotspot by other connecting client devices. Further, it is also possible to connect two or more LANs using a wireless network. Worldwide Interoperability for Microwave Access (WiMAX) and Bluetooth are other wireless technologies which provide wireless access.

While it has provided ease of use, cost effectiveness, and ease of implementation it also has certain information security issues which have to be considered. While there has been extensive work carried out to improve the information security scenario of wireless communication, there are many concerns and limitations at this time. Wireless networks support limited bandwidth and when more computers use the access points, the performance suffers. Also, improvements to the wireless technology may require the equipment to be replaced. Further, plain text communication through wireless is prone to sniffing, eavesdropping, man-in-the-middle attacks, and the like. Misuse of your wireless network for illegal activities by others including hacking other systems is dangerous.

One of the solutions provided for some of the information security issues on wireless is encryption. Even though most implement encryption of wireless communication, some of these implementations are still prone to information security breaches. The two Wi-Fi encryption standards are Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA). While WEP can be easily cracked, WPA has been found to be more effective. The biggest issue with WEP is its use of weak initialization vectors; others include password cracking and the lack of effective key management mechanisms. WPA2 Personal and WPA2 Enterprise are the most widely used versions of the WPA protocol. These use Temporal Key Integrity Protocol (TKIP) or Advanced Encryption Standard (AES) and CCMP or Extensible Authentication Protocol (EAP) for encryption and authentication mechanisms. While WPA2 Personal uses a pre-shared key, WPA2 Enterprise uses Extensible Authentication Protocol (EAP) or a RADIUS server for centralized authentication of the clients. The pre-shared key should be strong enough to avoid the possibility of dictionary attacks or cracking through brute force mechanisms. In order to increase the security of the communications in corporate organizations, virtual private network (VPN) technology can be additionally used. Further, strong encryption such as WPA2 Enterprise, with appropriate settings on the client machines and complemented by strong authentication through an authentication server, will aid in avoiding the attacks.
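The dictionary-attack concern above can be made concrete: in WPA2 Personal the 256-bit key is derived from the passphrase with PBKDF2-HMAC-SHA1 using the SSID as the salt, so a guessable passphrase is the weak point. The following is an added example, not code from the original chapter. The wordlist, the 16-character policy minimum, the sample SSIDs and the function names are assumptions.

```python
import hashlib

# Constructed sample of commonly chosen passphrases (assumption); a real
# check would load a much larger wordlist.
COMMON_PASSPHRASES = {"password", "12345678", "qwertyuiop", "letmein123"}
POLICY_MIN_LENGTH = 16  # assumed organizational minimum, not from the chapter


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the WPA/WPA2 Personal pairwise master key.

    PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations, 32-byte output.
    """
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("utf-8"), ssid.encode("utf-8"), 4096, 32
    )


def check_passphrase(passphrase: str, ssid: str) -> list:
    """Return the reasons a pre-shared key is weak (empty list = acceptable)."""
    problems = []
    if not 8 <= len(passphrase) <= 63:
        problems.append("length outside the 8-63 characters WPA2 accepts")
    elif len(passphrase) < POLICY_MIN_LENGTH:
        problems.append("shorter than policy minimum")
    if not all(32 <= ord(c) <= 126 for c in passphrase):
        problems.append("contains non-printable or non-ASCII characters")
    lowered = passphrase.lower()
    if lowered in COMMON_PASSPHRASES:
        problems.append("appears in common-passphrase list")
    if ssid and ssid.lower() in lowered:
        problems.append("contains the SSID")
    return problems


if __name__ == "__main__":
    # Constructed sample SSID / passphrase pairs.
    samples = [
        ("IEEE", "password"),
        ("Floor3-Net", "Floor3-Net-2024!"),
        ("Floor3-Net", "correct horse battery staple"),
    ]
    for ssid, psk in samples:
        print(ssid, repr(psk), check_passphrase(psk, ssid) or "ok")
    # Same passphrase, different SSID: the salt changes the derived key,
    # which is one more reason not to keep a vendor-default SSID.
    print(derive_pmk("password", "IEEE").hex())
    print(derive_pmk("password", "Floor3-Net").hex())
```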

Each Wi-Fi network is identified through a Service Set Identifier (SSID). It is advised that this SSID is changed to a name that is neutral in representation and does not unnecessarily attract attackers / hackers. This is the identifier shared between the access point and the clients. The Wi-Fi network broadcasts the SSID as a part of the frame header. Even if the broadcast of the SSID is disabled, it can still be found out easily by attackers from the frames that clients send when they associate with the access point.

Wi-Fi authentication can happen using a centralized authentication server, open system authentication, or shared key authentication by the access point. It is strongly advised to use either shared key authentication or authentication through a centralized authentication server. Corporations are advised to always use the centralized authentication server. Further, to strengthen the authentication process MAC filtering may be enabled.

Various discovery and analysis tools are available for free or for a price. These enable the analysis of the wireless frames and man-in-the-middle attacks, including denial of service attacks, by sending fake packets or sending fake Clear to Send (CTS) signals in the name of a fake client making other clients wait indefinitely for their turn.

War-Walking and War-Driving are two popular methods wherein the attackers / hackers walk around or drive around with their laptops running Wi-Fi identification / analysis tools, connected to powerful antennas. They identify open wireless networks and can use such networks for malicious activities, for sniffing the communications thereon, or for initiating attacks on others using such networks, including the connected networks. Tools like NetSurveyor, NetStumbler, WiFi Hopper, and Meraki WiFi Stumbler allow for easy network discovery. Additionally, mechanisms like MAC spoofing, unauthorized association, and ad hoc association are ways in which wireless networks can be attacked. Similarly, various client and access point misconfigurations allow for attacks. Further, attackers may carry out wireless traffic analysis to identify wireless vulnerabilities which they may then exploit.

Another big issue with wireless networks is the use of rogue access points. These may be set up with the same SSID as that of the organization, but just outside the boundaries of the organization. They may be used by the organization's personnel, who think they are genuine access points. The unfortunate result is that rogue access points provide the attackers with the means to capture the information flowing through them. Similarly, attackers can set up access points with renowned SSIDs that users may think are legitimate; users then expose the information flowing through those access points to the attackers.
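A wireless intrusion prevention system or a periodic audit looks for exactly this pattern: the organization's SSID advertised by a radio that is not in the access point inventory. The following is an added example, not code from the original chapter. The inventory, the scan records, the field names and the Floor3-Net SSID are constructed for illustration.

```python
# Authorized access points, keyed by BSSID (the AP radio's MAC address).
# Constructed inventory (assumption).
AUTHORIZED_APS = {
    "00:11:22:aa:bb:01": {"ssid": "Floor3-Net", "security": "WPA2-Enterprise"},
    "00:11:22:aa:bb:02": {"ssid": "Floor3-Net", "security": "WPA2-Enterprise"},
}

# Higher rank means stronger protection; unknown labels are treated as weakest.
SECURITY_RANK = {"Open": 0, "WEP": 1, "WPA": 2,
                 "WPA2-Personal": 3, "WPA2-Enterprise": 4}

# Constructed scan results, as a survey tool might export them (assumption).
SAMPLE_SCAN = [
    {"bssid": "00:11:22:AA:BB:01", "ssid": "Floor3-Net", "security": "WPA2-Enterprise"},
    {"bssid": "66:77:88:cc:dd:01", "ssid": "Floor3-Net", "security": "Open"},
    {"bssid": "00:11:22:aa:bb:02", "ssid": "Floor3-Net", "security": "WPA2-Personal"},
    {"bssid": "0a:0b:0c:0d:0e:0f", "ssid": "CoffeeShop", "security": "WPA2-Personal"},
]


def find_rogue_aps(scan, authorized=AUTHORIZED_APS):
    """Return (bssid, reason) pairs for entries that need investigation."""
    our_ssids = {ap["ssid"] for ap in authorized.values()}
    findings = []
    for seen in scan:
        bssid = seen["bssid"].lower()
        known = authorized.get(bssid)
        if known is None:
            # A neighbour's network is ignored; our SSID from an unknown
            # radio is the rogue access point pattern.
            if seen["ssid"] in our_ssids:
                findings.append((bssid, "unknown BSSID advertising our SSID"))
            continue
        if seen["ssid"] != known["ssid"]:
            findings.append((bssid, "authorized BSSID with unexpected SSID"))
        elif SECURITY_RANK.get(seen["security"], 0) < SECURITY_RANK[known["security"]]:
            # Either a misconfigured AP or a spoofed MAC address.
            findings.append((bssid, "security weaker than inventory"))
    return findings


if __name__ == "__main__":
    for bssid, reason in find_rogue_aps(SAMPLE_SCAN):
        print(bssid, "->", reason)
```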

Powerful jamming signals can be used to jam the entire Wi-Fi network of an organization and thus ensure denial of service. Many of the jamming devices are available easily in the market.

We sum up the discussion above with some of the best practices to avoid / reduce the propensity for wireless attacks:

  • Ensure that the default SSID is reset at the beginning into a neutral name so that it does not have the corporate entity name etc. which may entice or attract the attacker.

  • Ensure that the MAC filtering is enabled on the router or the access point.

  • Enable a firewall between the access point and the internal network for corporations.

  • Ensure that the encryption is enabled.

  • Ensure that the pass-phrase is periodically changed.

  • Ensure that a strong access password is set on the router.

  • Ensure that the strength of the wireless signal is not high so that it cannot be accessed from the outside of the organization.

  • Use VPNs additionally for secure communications for corporations.

  • Use better encryption mechanisms like WPA.

  • Ensure that you use a centralized server for authentication for corporations.

  • Do not allow access points to be accessed by others. Secure them.

  • Ensure that the drivers are up-to-date.

  • Use Wireless Intrusion Prevention Systems if possible.

  • Carry out periodic audits of your wireless systems and fix any issues found.

  • Carry out penetration testing at least once a year on your wireless network system and ensure that the issues found are fixed appropriately.

Bluetooth Technology and Security

Bluetooth is the wireless communication technology that is used for short range communication (usually about 25 feet). This technology is used for transferring files from one mobile device to another (e.g., from mobile phone to laptop or laptop to mobile phone, etc.). As the range of communication is short, the possibility of hacking it is less but cannot be denied. Bluetooth can be set to discoverable, limited discoverable, or non-discoverable mode. It can also be set to pairable mode or non-pairable mode. For the communication to be established, the two devices that want to connect with each other need to be paired. Bluetooth devices communicate with each other using ad hoc networks and hence are prone to attacks, such as denial of service, pumping of unwanted and unsolicited messages to the connected devices, and copying of files from the connected devices.

It is advised that users set Bluetooth to off and enable it only when required. Otherwise, by default they need to configure it as non-discoverable and non-pairable, and make it discoverable and pairable only when required to provide access to or from other devices. If Bluetooth is enabled and the configuration is in pairable mode, then other devices are able to connect and copy the files or information from the connected device. Attackers may use the mobile phones of others, over Bluetooth, to send messages to others. Similarly, malicious code that can control the mobile phone may be installed by the attackers using the Bluetooth technology, and the attacker can then have complete control over the phone of the victim. Contact details can be stolen and misused. Other mobile phones can be used for making phone calls or for connecting to the internet. Further, Bluetooth protocol related vulnerabilities can be exploited by the users.

Some of the best practices to ensure security of the Bluetooth communication are as follows:

  • Keep the devices securely with you or store them securely when not used.

  • Ensure use of pre-shared key authentication and encryption for the Bluetooth communication.

  • Enable Bluetooth only when required to communicate. Ensure that the Bluetooth is set to non-discoverable and non-pairable mode. Use discoverable and pairable mode only when you need to connect to other devices or vice versa.

  • Remove stolen or unwanted devices from the list of paired devices.

  • Carry out the pairing of the devices only in a secure area. Have the paired device as near as possible to the other device with which it is pairing.

  • Ensure that anti-virus systems are in place.

  • Ensure that the device firewall is active.

  • Ensure regular patching of the Bluetooth devices.

Mobile Security

Mobile phones, smartphones, and tablets are being widely used nowadays. Various operating systems are used in these mobile devices. Mobile devices are being used for transacting on the web, sending e-mails, instant messaging apps / tools, gaming, and various official / personal purposes. Mobile apps are being used heavily by the users of these devices as most of them are free or are available at very low cost. Mobile devices have made the lives of users easy and more active; however, at the same time they have created a number of security issues and all of us need to be concerned about them because many of us may be using the same mobile phone for both personal and work use.

The primary security concern is that mobile phones and the information they contain can be easily forgotten somewhere or stolen, allowing for unauthorized access to personal information such as login ids, credit card details, and passwords.

Additionally, the security of the various games or apps we download is questionable. They may have been created with malicious intent and can infect your mobile device in a manner that allows it, or the information it contains, to be misused by attackers. Additionally, these apps could be tracking your activities, further exposing you to theft and fraud by the attacker.

Many of the underlying operating systems themselves may have multiple security issues. These security issues / vulnerabilities may be misused by the attackers. Many of these may be found out by the attackers / hackers themselves and may not be known to the genuine users even though some of them may be known to the vendors of those operating systems concerned.

Unfortunately, many of us do not have anti-virus software installed on our mobile phones. It is advisable to install good anti-virus software that can reasonably protect your mobile phones from malicious attacks, such as Eset, AVG, Avast, Norton, or McAfee. Furthermore, each of us needs to review all the settings and see that they are appropriately set. Unnecessarily enabled settings / features need to be disabled.

Some of the best practices for information security of mobile devices are:

  • Do not carry out rooting or jailbreaking of your operating system.

  • Ensure encryption of the device.

  • Download apps only from authorized stores. Do not download unknown apps or even known apps from other untrusted stores or web sites.

  • Ensure regular updates and patching of the mobile operating system and the apps, particularly those with security implications.

  • Ensure that the mobile devices are always held with you and are not handed over to others in your absence. Do not leave them in public places. Always keep them locked with a strong PIN.

  • Do not open links from unknown sources on your mobile.

  • Use a strong encryption mechanism while using Wi-Fi.

  • Transfer confidential data and other sensitive information from your mobile phone to other secure devices or secondary storage devices under your control. Have only limited data on your mobile at any point of time.

  • Do not access secure websites using unsecured Wi-Fi connections. It is possible in such cases that your credentials are captured or sniffed by others.

  • Ensure that your phones are configured to be locked after a certain amount of idle time.

  • Enable remote wiping so that the data on the mobile can be wiped off if it is stolen or lost. In the case of phones used by corporate employees, enable Mobile Device Management software.

  • Disable unwanted settings. Enable them only when required.

Chapter Summary

  • We highlighted three important current trends related to information security: Wireless Security, Mobile Security, and BYOD.

  • Wireless communication uses radio frequency carriers. Wireless communications can occur between two wireless devices, or over a wireless network when a wireless device connects to a wired network.

  • Ease of use, including the mobility of access points and no need for extensive cabling, comparatively lower cost of installation and administration, connectivity to a wired network or the internet, and the ability to work on multiple types of networks like 2G/3G etc. have given a fillip to wireless networks.

  • Wireless networks also bring out a few security issues like possible compromise of the encryption provided by the protocols like WEP. The ease of capturing SSID or learning communication details from clients when they associate with an access point is a matter of concern. WPA2 Personal and WPA2 Enterprise are the most used encryption mechanisms by wireless networks.

  • War-Walking and War-Driving are the mechanisms used by the attackers to understand the presence and weaknesses of the wireless networks / access points, and exploit them by sniffing, eavesdropping, or misusing them. Rogue access points misleading genuine users and sniffing / capture of wireless communication contents are other important threats to corporations. Additionally, mechanisms like MAC spoofing, unauthorized association, and ad hoc association are ways in which wireless networks can be attacked.

  • We also discussed some of the best practices that may be used to reduce the potential for attacks on wireless networks.

  • We explained Bluetooth Technology and its Security. Bluetooth technology is a wireless technology for short range communications and is used to transfer data / files between two mobile devices. Even though the propensity for misuse of the Bluetooth technology is less, it cannot be denied.

  • Pairing is an important aspect to enable data transfer. Bluetooth devices that are switched off, not paired, and non-discoverable are not prone to security issues. Some of the best practices like keeping Bluetooth in off-mode when not required, removing the pairing when the work for which the other device was paired is over, making the device not discoverable when not required, etc. allow better Bluetooth security. Otherwise, files can be copied, contacts and addresses can be stolen, and malicious software can be installed, thus leading the attacker to have control over the other device by using the Bluetooth technology. Also, credit card data, login ids and passwords, and other confidential information stored thereon may be misused by the attackers.

  • Then we discussed Mobile Security. Mobile phones, smartphones and tablets are widely used now. They have made people's lives lively and active and have many uses. However, usage of the mobile devices for both personal and official purposes exposes them to higher security risks.

  • The potential for mobile devices to be forgotten, lost, or information on the mobile devices to be stolen, the potential for stealing of the information on these mobile devices through malicious apps or by exploiting the weaknesses of the underlying operating system or by exploiting inappropriate or improper settings leading to security vulnerabilities, and not having the protection of anti-virus software are some of the security issues which should be addressed by all.

  • We provided a list of best practices that users of mobile devices can use to have better mobile security.