When a user turns on his laptop and his device accidentally associates itself with an available Wi-Fi network (maybe due to the network being open), this is known as an incidental connection. The user may be unaware that this has occurred. This can be classified as an attack since the laptop may also be connected to another wired network and could perhaps provide inroads to this network from the open network. This mis-association could be accidental or deliberate with malicious intent, for example, the attacker's objective may be to bypass the company firewall and allowing a company employee to connect to this open network would help them achieve just that as the laptop would be a part of the trusted network. Therefore, beware of free or open to air Wi-Fi!

The following image represents an incidental connection:

Whenever an active connection with an unauthorized device is made to a corporate network with an employee's laptop acting as a rogue access point rather than the company's access point (AP). In such cases, the miscreant runs special tools, which makes their wireless network card look like a genuine access point. Once the miscreant has gained required access, stealing valuable information, grabbing passwords, or planting Trojans will be a piece of cake for them. These types of attacks occur when the miscreant successfully takes over a client. This could also happen in situations with an insiders involvement or help. The following image represents a malicious connection:

Ad hoc connections can also pose a very serious security threat. These are defined as direct peer-to-peer connections between two devices without the presence of a wireless access point. In the wired world, one would consider this akin to a connection between two computers using a cross-over Ethernet cable.

An ad hoc connection establishes a bridge between the two connections thus, opening the secure corporate network to the outside world. This could be compromised in a number of ways, including access to and cracking passwords of corporate resources. This could happen by simply leaving a malicious code on the peer-connected computer, which could steal resources/information at appropriate times. This following image represents an ad-hoc connection:

Networks such as Bluetooth or Bluetooth Low Energy (BLE) qualify under this category. As these are not strictly Wi-Fi, they may not seem that dangerous; however, these are another vector to examine from a security breach perspective. Similar to the previous peer-to-peer connections, networks can be compromised by accessing a corporate computer over a Bluetooth connection. Other devices may also be available over BLE connections, which could help in compromising the security of the network.

As part of the overall security posture, network administrators tend to add MAC address filtering on Wi-Fi networks. However, MAC filtering is only effective in small networks such as small office or home office (SOHO) networks. Any network device that is on the air transmits its MAC address and therefore, can be easily compromised by any sniffer and a tool to spoof the MAC addresses.

Any attack that uses a network device that is set up as an access point to entice unsuspecting users to log on with the objective of stealing their credentials is known as a man-in-the-middle (MITM) attack. Once this is done, the attacker sets up another connection using a separate network interface to a legitimate access point, allowing the traffic to flow through seemingly directly. One of the ways in which this can happen is using certain security faults in the challenge and handshake process to cause the previously connected computers to disconnect and then, reconnect to the hackers spoofed access point. This is known as a de-authentication attack. These kind of attacks are pretty common at public hotspots and similar locations.

Any attack that continuously sends multiple requests (genuine or fraudulent) to a network device in such a manner as to prevent legitimate users from connecting to the network resource is called a DoS. From a Wi-Fi perspective, this means that users will be unable to log on to an access point as it has been flooded with bogus requests. The usual objective, other than the denial of actual service, is to have the network re-establish itself and broadcast all its credentials from scratch that allows a malicious hacker to gather all this information for an attack later in time.

These are just a small sampler of the many different attacks out there. Therefore, now it is the time to get ready to defend your turf…