Digital X-ray view
Today's EWLANInfrastructures operate at 2.4 and 5 GHz - a frequency range in which water interacts with electromagnetic waves.
Anyone with an old microwave oven, which after switching on the WLAN-The people who have problems with reception can tell you a thing or two about it.
But how does something like this become a security problem? Through the clever, but hardly imaginable use of applications. But one after the other...
The human body consists of more than 50 percent water. We humans also interact with the WLAN.
These "disturbances" are nowhere near as massive as with old microwaves, but they are measurable!
If one combines the information of several AntennasThe railgun in the Schwarzenegger film Eraser is not so far-fetched. So the "railgun" in the Schwarzenegger film "Eraser" is not so far-fetched.
Recent research even allows to distinguish gestures with arm or fingers in space - just remember Tom Cruise in "Minority Report"!
Scanning through walls and detecting movements in electromagnetic fields are nothing new: For example, police can use them to gain information about people taken hostage without entering the room.
Even if the systems are more sophisticated and emit waves: The principle is the same.
See through walls
But the possibilities go much further: current research shows how to determine the PIN on a mobile device just by evaluating generally available information at a WLAN–Router.
Modern variants use several Antennas, the signal reception strength can be read out easily (CSI - Channel Strength Information).
If a mobile device is connected to the Router connected, there are minimal changes in the reception strengths during (PIN) entry: due to the movement of the hand in the room where it is connected to the WLAN-waves interacts, and by the minimally changed orientation of the device.
If the changes in reception strength are correlated, there is a probability of up to 81.8 percent of recognizing a ten-digit PIN that has been entered - without any compromise of the terminal itself.
Here, the purely academic approach of a future threat becomes a current problem!
For a potential attacker, it is not even necessary to have a public Hotspot in a café. He simply sets a so-called rogue Access Point on, under an existing or a generic name ("WLAN", "freeWiFi"...).
The process can even be automated to the point where the rogue Access Point automatically checks according to which WiFi-name devices, and also offers these names.
This leads to devices (often without any user interaction) automatically using such networks.
Security: always new, always exciting
The danger in the use of public Hotspots So it is no longer just that the Communication can be intercepted.
Meanwhile, local inputs on the device can also be evaluated. It is therefore advisable to rely on additional mechanisms like a fingerprint, especially for critical applications.
Such scenarios are one reason why IT–Security is so interesting and will probably remain so.
Threats are always coming from new and sometimes completely unexpected directions - as IT-As security managers, we must identify these risks, develop appropriate countermeasures, and implement them.
In the specific case, confirmation of previous "best practices" is recommended. The access of devices to public Hotspots has risk potential.
In the past, it was the possibility of Communication Today, there is also the additional risk that PINs and other entries can be intercepted.
Depending on the criticality of the data, this is another scenario that should play a role in risk considerations.
