Wireless and network-related security.
With the heavy use of wireless technology such as Bluetooth, WiFi, IoT devices, radio, wireless system components and cameras, more security issues are being discovered that can be used to manipulate, crash or read the network traffic between the components.
Indications:
- Unknown or unprovoked activity from the connected devices or components.
- High internet usage from a router or from an unknown device connected to it.
- Changes or errors in websites that work fine on other networks.
- Modification of configurations or recordings in a network-based device such as an IP camera.
- SSL certificate, DNS or other website trust errors appearing in multiple web browsers.
Steps to prevent:
- Keep firmware and devices up to date to avoid attacks based on public exploits.
- Regularly monitor the health of the network, that is, check DNS settings, network configurations, connected devices, etc.
- Wireless features such as Bluetooth, GPS, WiFi hotspot, etc. should be disabled when not in use.
- Use complex, regularly changed credentials for network and configuration access.
- Secure software for setting up IP cameras, IoT devices, radios, etc. should be used.
- System components such as wireless keyboards, mice and controllers should not be used in public spaces, as anyone can interfere with or control them using the same key (the same key is used in the same products from the same company).
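
The monitoring step in the list above (checking connected devices and DNS settings against a known baseline) can be scripted; the following is an added example, not part of the original page. The device inventory, the expected resolver address and the sample `ip neigh` and resolv.conf text are all constructed for illustration.

```python
import re

# Constructed baseline (assumption): MAC addresses of devices you own and
# the DNS resolvers you expect your router/DHCP server to hand out.
KNOWN_DEVICES = {
    "aa:bb:cc:00:00:01": "router",
    "aa:bb:cc:00:00:02": "laptop",
    "aa:bb:cc:00:00:03": "ip-camera",
}
EXPECTED_DNS = {"192.168.1.1"}

# Constructed sample of `ip neigh` output (Linux neighbour/ARP table).
SAMPLE_NEIGH = """\
192.168.1.1 dev wlan0 lladdr aa:bb:cc:00:00:01 REACHABLE
192.168.1.20 dev wlan0 lladdr AA:BB:CC:00:00:02 STALE
192.168.1.37 dev wlan0 lladdr de:ad:be:ef:00:99 REACHABLE
192.168.1.50 dev wlan0  FAILED
"""

# Constructed sample of /etc/resolv.conf contents.
SAMPLE_RESOLV = """\
# Generated by NetworkManager
nameserver 192.168.1.1
nameserver 203.0.113.53
"""

# Entries without a resolved MAC (e.g. FAILED) carry no "lladdr" and are skipped.
NEIGH_RE = re.compile(r"^(\S+)\s+dev\s+\S+\s+lladdr\s+([0-9a-fA-F:]{17})\b", re.M)

def unknown_devices(neigh_text, known):
    """Return (ip, mac) for neighbours whose MAC is not in the inventory."""
    pairs = [(ip, mac.lower()) for ip, mac in NEIGH_RE.findall(neigh_text)]
    return [(ip, mac) for ip, mac in pairs if mac not in known]

def unexpected_dns(resolv_text, expected):
    """Return configured nameservers that are not in the expected set."""
    servers = re.findall(r"^\s*nameserver\s+(\S+)", resolv_text, re.M)
    return [s for s in servers if s not in expected]

if __name__ == "__main__":
    # On a live Linux host, pass the output of `ip neigh` and the contents
    # of /etc/resolv.conf instead of the constructed samples.
    for ip, mac in unknown_devices(SAMPLE_NEIGH, KNOWN_DEVICES):
        print(f"unknown device on network: {ip} ({mac})")
    for server in unexpected_dns(SAMPLE_RESOLV, EXPECTED_DNS):
        print(f"unexpected DNS resolver configured: {server}")
```

A MAC address can be changed by the device that presents it, so a clean result only means no unfamiliar MAC was seen; the router's own client list and DNS settings should still be reviewed in its admin interface.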
Mitigation:
- A full reset and a change of credentials on a router or similar network-providing product can be used to block unwanted connections.
- Turn off outdated authentication methods or technologies such as PIN, WPA, WEP, etc.
- Public or internet access should be disabled for components that don't need it, such as IP cameras, radios, router remote management services, etc.
- Using a VPN can help with surfing the internet safely on a public or untrusted network.
- If possible, change the default encryption keys/methods used by the wireless products to avoid common attacks or interference from devices of the same model and company that use the same key.