This paper examines cyber-attacks targeting wireless protocols, tracing the evolution of wireless networks from early systems like ALOHAnet to today's complex infrastructure. It surveys four major attack types—Man-in-the-Middle, spoofing, Denial of Service, and sniffing—detailing how each is executed and how each can be mitigated. The paper also identifies common wireless network vulnerabilities, including outdated WEP encryption, poor access point configuration, weak password management, and the absence of organizational security policies. Drawing on a range of cybersecurity literature, it concludes with recommendations for individuals, organizations, and policymakers to adopt proactive, collaborative strategies that keep pace with the growing complexity of wireless cyber threats.
Technology and the Internet of Things (IoT) have changed the world in multiple ways. They have been a source of efficiency for businesses, helped address a wide range of inconveniences that were commonplace in the past, and contributed toward making global interconnectedness a reality. However, as technology continues to advance, so does the risk that criminal elements will use it to further nefarious agendas. Cyber criminals and other actors have found new ways to target computer networks and information systems by deploying a wide range of offensive maneuvers. As technology continues to evolve, so does cybercrime.
This paper concerns itself with cyber-attacks in wireless protocols. In so doing, it identifies the most common wireless protocol attacks and the most effective strategies that could be applied to prevent them. This is a topic worthy of exploration, as cyber-attacks are capable of causing serious disruptions, occasioning financial loss, or even triggering catastrophes of almost unimaginable proportions.
From the outset, it is important to note that no unified or standard definition of "cyber-attack" has been formulated. The term has been defined in various ways by various commentators and authors. According to Vacca (2016), a cyber-attack relates to attempts or efforts by unauthorized persons or parties to breach or gain access to a computer network or system in order to destroy, disable, alter, expose, or steal information — or for other related reasons, such as destroying or compromising the digital assets of another party. The National Institute of Standards and Technology (NIST, 2022) defines a cyber-attack as a malicious activity undertaken "for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information." Cyber-attacks on wireless protocols can therefore be conceptualized as acts of intrusion or penetration whose target is wireless networks.
Wireless networks have come a long way — from the seven-device ALOHAnet (which can be considered the very first wireless network) in 1971 to today's increasingly complex wireless network infrastructure, which incorporates various wireless technologies including, but not limited to, Wi-Fi (Osterhage, 2021). Prior to the introduction of wireless communication technology, network nodes were connected via cables, and a malicious third party needed physical access to a network jack or cable to perpetrate an attack. Wireless networks made it possible for devices to roam and maintain connectivity without being tethered to cables, offering individuals, organizations, and governments faster and more practical ways to conduct their affairs. With the increased utilization of wireless networks, cyber-attacks on wireless protocols have become far more common — further enabled by the relative vulnerability of wireless networks to intruders. Today, unlike the situation with wired networks, no physical access to devices on a network is needed for an intruder to perpetrate an attack.
Cyber-attacks in wireless protocols have the potential to cause victims significant loss on multiple fronts. Successful penetration or intrusion can result in disruption of operations, which in turn causes financial loss or reputational damage. According to Vacca (2016), in some instances the disruption of an organization's normal operations as a consequence of such attacks could derail functions and activities to such a degree that it triggers a chain of events that disrupts the delivery of crucial services — particularly when the target is a government agency. When wireless protocol attacks result in interception and theft of critical information through eavesdropping, spoofing, or session hijacking, the gathered data can be misused to commit fraud. Some business entities have suffered serious reputational damage after falling victim to data breaches, with suppliers and customers becoming reluctant to continue doing business with them.
It therefore follows that organizations and individuals alike should embrace the strategies highlighted in this paper in order to minimize their risk of becoming victims of wireless network attacks. With this in mind, it is important to highlight some of the common types of cyber-attacks in wireless protocols and the various techniques that can be applied to prevent them.
In a Man-in-the-Middle attack, an unauthorized third party infiltrates a network and monitors the traffic sent and received between two legitimate users, effectively becoming the "man in the middle." According to Wang and Kissel (2015), one common method used by attackers on this front is the evil twin attack, which involves establishing a wireless access point configured to mimic an existing network. As the authors observe, "the 'evil' access point cannot be distinguished from actual access points" (Wang and Kissel, 2015, p. 104). One effective strategy for minimizing the risk of this attack is data encryption (Wang and Kissel, 2015), which prevents an attacker from reading intercepted data even after successfully creating an evil twin.
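Because a client cannot tell an evil twin from the real access point by name alone, a defender can compare observed beacons against an inventory of authorized hardware. The following is an added example, not part of the original paper; the SSID, BSSIDs, field names, and scan results are all constructed for illustration.

```python
# Constructed inventory of authorized access points (assumption, not from the paper).
AUTHORIZED = {
    "CorpNet": {
        "aa:bb:cc:10:00:01": {"channel": 1, "security": "WPA2-Enterprise"},
        "aa:bb:cc:10:00:02": {"channel": 6, "security": "WPA2-Enterprise"},
    }
}

def classify_beacon(beacon):
    """Compare one observed beacon with the inventory and return a verdict."""
    known_aps = AUTHORIZED.get(beacon["ssid"])
    if known_aps is None:
        return "unrelated"            # SSID is not one of ours
    ap = known_aps.get(beacon["bssid"].lower())
    if ap is None:
        return "unknown-bssid"        # our SSID from hardware we do not own
    if beacon["security"] != ap["security"]:
        return "security-mismatch"    # e.g. a cloned BSSID offering an open network
    if beacon["channel"] != ap["channel"]:
        return "channel-mismatch"     # known BSSID heard on an unexpected channel
    return "authorized"

def suspects(scan):
    """Return (bssid, verdict) for every beacon that imitates an authorized SSID."""
    flagged = []
    for beacon in scan:
        verdict = classify_beacon(beacon)
        if verdict not in ("authorized", "unrelated"):
            flagged.append((beacon["bssid"].lower(), verdict))
    return flagged

# Constructed scan results for illustration.
SAMPLE_SCAN = [
    {"ssid": "CorpNet", "bssid": "AA:BB:CC:10:00:01", "channel": 1, "security": "WPA2-Enterprise"},
    {"ssid": "CorpNet", "bssid": "de:ad:be:ef:00:01", "channel": 11, "security": "Open"},
    {"ssid": "CorpNet", "bssid": "aa:bb:cc:10:00:02", "channel": 6, "security": "Open"},
    {"ssid": "CoffeeShop", "bssid": "11:22:33:44:55:66", "channel": 3, "security": "WPA2-Personal"},
]

if __name__ == "__main__":
    for bssid, verdict in suspects(SAMPLE_SCAN):
        print(bssid, verdict)
```

A BSSID can itself be copied, which is why the check also compares the advertised security mode and channel rather than trusting the address alone.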
In a spoofing attack, the attacker seeks to gain unauthorized access to a network by posing as a legitimate entity. Vacca (2016) notes that in most cases the intruder collects the network clients' IP addresses and Media Access Control (MAC) addresses using a wireless network-scanning software tool, then launches malicious attacks by utilizing those addresses to impersonate a legitimate user of the wireless network. Several strategies can be used to prevent spoofing. In IP spoofing, for example, packet filtering can be highly effective. According to Vacca (2016), in an IP spoofing attack the intruder modifies the sender's IP address with the address of another device and sends packets, leading the receiver to believe it is communicating with a valid device. An IP spoofing attack can be prevented through packet filtering because it helps "filter out and block packets that contain conflicting source address information" (Vacca, 2016, p. 137). Additionally, deploying an extra protection layer through the use of cryptographic network protocols may be necessary.
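The packet-filtering rule quoted above can be made concrete as a check that rejects any packet whose source address conflicts with the interface it arrived on or with a recorded IP-to-MAC binding. This is an added example, not taken from Vacca (2016); the interface names, prefixes, and binding table are constructed assumptions.

```python
import ipaddress

# Constructed topology (assumption): legitimate source prefixes per interface.
EXPECTED_SOURCES = {
    "wlan0": [ipaddress.ip_network("192.168.10.0/24")],  # wireless clients
    "eth0": [ipaddress.ip_network("10.0.0.0/24")],       # wired servers
}
# Constructed IP-to-MAC bindings, e.g. learned from DHCP leases (assumption).
BINDINGS = {
    "192.168.10.21": "aa:bb:cc:00:00:21",
    "192.168.10.22": "aa:bb:cc:00:00:22",
}

def check_packet(iface, src_ip, src_mac):
    """Return (allowed, reason) for one inbound packet.

    DHCP discovery traffic (source 0.0.0.0) is not modelled in this sketch.
    """
    try:
        addr = ipaddress.ip_address(src_ip)
    except ValueError:
        return False, "malformed source address"
    if addr.is_loopback or addr.is_multicast:
        return False, "source address can never be a valid sender"
    nets = EXPECTED_SOURCES.get(iface)
    if nets is None:
        return False, "unknown interface"
    if not any(addr in net for net in nets):
        return False, "source prefix conflicts with arrival interface"
    bound_mac = BINDINGS.get(str(addr))
    if bound_mac is not None and bound_mac != src_mac.lower():
        return False, "source MAC conflicts with recorded binding"
    return True, "ok"

def blocked(packets):
    """Return the packets that the filter would drop, with the reason."""
    results = []
    for iface, src_ip, src_mac in packets:
        allowed, reason = check_packet(iface, src_ip, src_mac)
        if not allowed:
            results.append((src_ip, reason))
    return results

# Constructed packets for illustration: (interface, source IP, source MAC).
SAMPLE_PACKETS = [
    ("wlan0", "192.168.10.21", "AA:BB:CC:00:00:21"),  # matches its binding
    ("wlan0", "10.0.0.5", "aa:bb:cc:00:00:99"),       # wired prefix seen on Wi-Fi
    ("wlan0", "192.168.10.22", "de:ad:be:ef:00:01"),  # right prefix, wrong MAC
]

if __name__ == "__main__":
    for src_ip, reason in blocked(SAMPLE_PACKETS):
        print(src_ip, reason)
```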
In a Denial of Service attack, the attacker's goal is to degrade or disable the target's network resource, system, or service, effectively making it unavailable to its intended users. The disruption may be indefinite or temporary. As Mayers (2019) indicates, DoS attacks are not primarily designed to gain unauthorized system access; instead, they seek to lock out legitimate users of a system. Attackers may disrupt the connection between two systems, or they may flood the target network with traffic to prevent legitimate network traffic from getting through (Mayers, 2019). Various strategies can be employed to prevent DoS attacks, including having multiple distributed servers, prioritizing network security through traffic-scanning barriers such as intrusion detection systems and firewalls, and monitoring for common DoS indicators such as slow performance and poor connectivity (Zhong et al., 2018).
Sniffing — also referred to as the passive reconnaissance method — is, according to Mayers (2019), a relatively common and straightforward attack on wireless networks. It involves tapping into or listening in on a network and, more specifically, intercepting wireless data being transmitted over an unsecured network. Following the installation of a sniffer, the attacker can collect frames for the purpose of cracking Wired Equivalent Privacy (WEP), harvesting MAC addresses, and more. Wireless sniffer attacks can be prevented by, among other things, avoiding insecure protocols and instead embracing secure protocols such as HTTPS and SSH. The use of VPNs provides an additional layer of protection.
There are a number of vulnerabilities that could make it easier for an attacker to successfully compromise a wireless network. Being aware of and patching these vulnerabilities is essential to ensuring they are not exploited. One such vulnerability is the use of the outdated and insecure WEP protocol. Some businesses continue to use WEP despite the introduction of far more secure wireless encryption protocols. More advanced and secure encryption standards, such as WPA3 and WPA2, should be adopted in place of WEP.
Another vulnerability relates to access point (AP) configuration. Schaefer and Rossberg (2016) note that in addition to ensuring proper AP configuration, there is a need to closely monitor that configuration so that appropriate measures can be taken in the event of undesired or suspicious events, such as a hardware reset. At the organizational level, the absence of an effective wireless network security policy is also a critical vulnerability. As Schaefer and Rossberg (2016) observe, "one of the first steps in providing wireless network security is to formulate effective policies and corresponding enforcement processes" (p. 199).
Other basic vulnerabilities relate to access point placement and password management. Ensuring that an access point is located where it cannot be physically tampered with is important; as Mach (2020) points out, a malicious individual could easily restore the factory settings of an access point if it is stationed in an area accessible to third parties. With regard to password management, default passwords and SSIDs should always be changed. Default credentials can be exploited by an attacker to access a router and install malicious content or scripts, or to tamper with firmware and settings.
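The vulnerabilities described in this section (WEP, unmonitored AP configuration, default SSIDs and passwords) can be checked together in a routine audit. The following is an added example, not part of the original paper; the configuration fields, default-SSID prefixes, and sample access points are constructed assumptions.

```python
import hashlib
import json

WEAK_ENCRYPTION = {"OPEN", "WEP"}
# Constructed examples of factory SSID prefixes (assumption, not a vendor list).
DEFAULT_SSID_PREFIXES = ("default", "setup", "factory")

def fingerprint(config):
    """Hash a configuration in canonical form so any change is detectable."""
    canonical = json.dumps(config, sort_keys=True).encode("utf-8")
    return hashlib.sha256(canonical).hexdigest()

def audit_ap(config, baseline_fp):
    """Return the list of findings for one access point configuration."""
    findings = []
    if config["encryption"].upper() in WEAK_ENCRYPTION:
        findings.append("weak-encryption")
    if config["ssid"].lower().startswith(DEFAULT_SSID_PREFIXES):
        findings.append("default-ssid")
    if config["admin_password_is_default"]:
        findings.append("default-admin-password")
    # A mismatch with the approved baseline signals an unplanned change,
    # such as the hardware reset discussed above.
    if fingerprint(config) != baseline_fp:
        findings.append("config-drift")
    return findings

# Constructed configurations for illustration.
APPROVED = {"ssid": "CorpNet", "encryption": "WPA3", "admin_password_is_default": False}
BASELINE_FP = fingerprint(APPROVED)
AFTER_RESET = {"ssid": "default-2G", "encryption": "open", "admin_password_is_default": True}
LEGACY = {"ssid": "Warehouse", "encryption": "WEP", "admin_password_is_default": False}

def run_audit():
    """Audit three constructed access points against their baselines."""
    return {
        "lobby-ap": audit_ap(APPROVED, BASELINE_FP),
        "floor2-ap": audit_ap(AFTER_RESET, BASELINE_FP),
        "warehouse-ap": audit_ap(LEGACY, fingerprint(LEGACY)),
    }

if __name__ == "__main__":
    for name, findings in run_audit().items():
        print(name, findings or "no findings")
```

The warehouse access point matches its own baseline yet is still reported, which shows why drift monitoring alone does not catch a weak setting that was approved in the first place.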
1. Based on the discussion above, wireless protocol security should be a priority for organizations, governments, and individuals alike. Businesses and critical agencies should be especially focused on how well they are secured against attempts to destroy, degrade, or disrupt their information system resources. As Fiky (2022) indicates, however, most businesses appear ill-equipped to stop or even detect vulnerabilities that expose their wireless networks to attack. More specifically, "many businesses fail to perform a thorough risk analysis which means those vulnerabilities are not identified and addressed" (Fiky, 2022, p. 253). This needs to change. Organizational leaders should be sensitized to the costs of complacency on this front so that testing the security of their systems — through vulnerability scans, for example — is treated as an important and routine undertaking.
2. Cyber-attacks in wireless protocols continue to evolve in complexity. Individuals and organizations must therefore constantly update themselves on new trends in this area. Organizations and critical agencies should not hesitate to allocate adequate resources toward developing and implementing appropriate wireless security strategies, as well as toward identifying and remedying existing vulnerabilities. Individuals must also take wireless network security seriously. As Kizza (2017) notes, this is increasingly important "as we continue into a future in which everything from our phone to our refrigerator operates using a wireless internet connection" (p. 165). Numerous companies offer security solutions targeting both retail and individual clients.
3. Stakeholders should unite in the fight against cyber criminals and other bad actors who seek to undermine wireless data connections. Key stakeholders include, but are not limited to, governments and policymakers, software developers and vendors, IT professionals, cybersecurity companies, business entities, nonprofit organizations, and individual citizens. Collaborative efforts in this area could encompass information sharing, the development of joint interventions, and the coordination of policy responses.
In summary, as this paper has demonstrated, the importance of identifying vulnerabilities and employing various strategies to prevent cyber-attacks on wireless protocols cannot be overstated. This is particularly true given the serious adverse effects of successful penetration or intrusion attempts. It is likely that as technology continues to advance, cyber-attacks in wireless protocols will become even more complex and sophisticated. All stakeholders must unite in efforts to frustrate the attempts of bad actors and hackers to undermine the integrity of wireless data connections.
Vacca, J. R. (2016). Guide to wireless network security. Springer.
Wang, J., & Kissel, Z. A. (2015). Introduction to network security: Theory and practice. John Wiley & Sons.
Zhong, S., Zhong, H., Huang, H., Yang, P., Shi, J., Xie, L., & Wang, K. (2018). Security and privacy for next-generation wireless networks. Springer.