20131204 wireless sec


Wireless Security in the cruel world

Kitisak Jirawannakool
E-Government Agency (Public Organization)

[email protected]

Agenda

❖ About EGA and myself
❖ Wireless technology
❖ Threats
❖ Protections

Agreement

❖ Turn off your mobile phone or keep it silent
❖ Stop me anytime if you want to ask or share something
❖ Relax and feel free to discuss
❖ Keep in touch and keep sharing after class
❖ Be Aware, but Do not Panic

Contact me

Name : Kitisak Jirawannakool
Facebook : http://www.facebook.com/kitisak.note
Email : [email protected]
Weblog : http://foh9.blogspot.com
Twitter : @kitisak

About me

❖ Education
  ❖ Bachelor : Comp. Eng. KKU
  ❖ Master : Comp. Sci. CU
❖ Certification and Award
  ❖ CompTIA Security+
  ❖ Asia Pacific Information Security Leader Achievements 2011 (ISLA) by (ISC)2
❖ Membership
  ❖ APWG, ShadowServer, OWASP, MSCP, CSA Thailand Chapter, MedSec

About me (Experience)

❖ Almost 11 years in IT Security at NECTEC
  ❖ Incident response
  ❖ Research
  ❖ Speaker and writer
  ❖ …
❖ Working as a Security Specialist at EGA
  ❖ Looking for our collaborations
❖ OWASP Thailand Chapter Leader

About EGA

❖ First established in 1997 as Government Information Technology Services (GITS)
❖ ~ 190 staff
❖ Services
  ❖ Government Information Network (GIN)
  ❖ Government Cloud Services (G-Cloud)
  ❖ MailgoThai service
  ❖ e-Gov portal
  ❖ e-CMS 2.0
❖ More details : http://www.ega.or.th

E-Government services

[Diagram labels: 24x7 Helpdesk and Contact Center; EGA Contact; Other Government’s services; Government Security Monitoring (GovMon); Incident Response; Risk; Cloud (SaaS, PaaS, IaaS); GIN]

Situation is changing

Important points

Incident Response, Technical Training, Collaboration, Awareness Training

What is Security?

❖ C (Confidentiality)
❖ I (Integrity)
❖ A (Availability)

Wireless Technology - Big picture


Internet Backbone

2G,3G Cellular Network • GSM, GPRS, WCDMA, cdma2000

Wireless Personal Area Network (WPAN) • Bluetooth, Zigbee

Wireless Local Area Network (WLAN) • Wi-Fi

Wireless Metropolitan Area Network (WMAN) • WiMAX

Satellite Network


Connection technology

❖ 3G, 4G or EDGE
❖ WiFi, WiMAX
❖ NFC - Near Field Communication
❖ DLNA - Digital Living Network Alliance
❖ Bluetooth

NFC

DLNA

Mobile devices

Simple Questions

❖ Do you lock your mobile device?
❖ Do you have anti-malware installed?
❖ How many apps are on your device?
❖ Are they all trustworthy?
❖ Have you rooted/jailbroken your device?

Recent mobile devices

❖ Truly handheld computer
❖ Connectivity everywhere
❖ Apps for everything
❖ Cheap

Mobile and Smart devices

❖ Laptop/Notebook
❖ Mobile phone
❖ Tablet
❖ Other
  ❖ Smart, Android and Apple TV
  ❖ GPS
  ❖ Cars
  ❖ Game consoles
  ❖ Medical devices

Smart phone activities in Thailand

https://www.facebook.com/imcinstitute

The Common Fails!

❖ Lost
❖ Stolen
❖ Free WiFi lovers
❖ Lots of apps (Trusted/Untrusted)
❖ No passcode protection
❖ Location services
❖ Left unattended
❖ Just click
❖ Full time WiFi on and with “Auto connect”

Simple Questions (2)

❖ Do you surf the internet via public WiFi?
❖ Have you removed SSID from your list?
❖ Have you ever transferred money online by using public WiFi?

Threat Examples

❖ WiFi attacks
  ❖ War Driving and WiFi Sniffing
  ❖ Rogue Access points
  ❖ Man in the Middle Attacks
  ❖ Flood/DDoS

WLAN Security: Why does it matter?

❖ International concerns
❖ Access point ≈ Wireless Hub
❖ Difficult to trace attackers
❖ Low cost hacking equipment
❖ Typical insecure WLAN deployments
❖ Lack of user/admin security awareness
❖ Technology limitations & vulnerabilities

WLAN Security Threats

❖ Passive data sniffing
  ❖ AiroPeek, Kismet
  ❖ Username/password
  ❖ Credit card number
  ❖ Email messages
  ❖ Company Info.

Stealth sniffer!

WLAN Security Threats

❖ Unauthorized access
  ❖ Wardriving
  ❖ Internet attack
  ❖ MAC spoofing
  ❖ Company backdoor
  ❖ Client-to-client attack
  ❖ Spam mail

Stealth Attacker!

War Driving

❖ War driving is when people drive around with high-gain antennas on their cars with special software to detect wireless networks

http://www.gugli.it/modules/gallery/photos/wardriving1/1.jpg

Wireless Networks in LA

Toys for Hackers

A Dual-Use Product

Cantenna

Easy and Cheap to buy

WLAN Security Threats

❖ Jamming or denial of service attack
  ❖ 2.4 GHz RF jamming
  ❖ Packet flood

RF Jamming unsolvable!

WLAN Security Threats

❖ User hijacking & Man-in-the-middle attack
  ❖ Inverse Wardriving
  ❖ Sniff & Modify
  ❖ Fake server and AP
  ❖ HTTPS hack
  ❖ SSL Strip
  ❖ Fake certificate
  ❖ Password stealing
  ❖ “Phishing”

[Diagram labels: User, Hacker, Rogue AP, Jam & Roam]

WLAN Security Threats

❖ Man-in-the-middle attack
  ❖ Inverse Wardriving

[Diagram labels: AP, Internet, A Company, Traffic analysis, Rogue AP, Internet, Hacker]

Man In The Middle attack


HTTPS attacks!

❖ SSL Strip (HTTPS -> HTTP)
❖ Fake certificate
❖ HTTPS (without awareness) = HTTP

https://surajonunix.wordpress.com/2012/02/24/man-in-the-middle-using-ssl-strip/

WLAN Security Countermeasures

❖ Data encryption
❖ Authentication (e.g., Login Username/Password, Smart card)
❖ Authorization (e.g., Access Control)
❖ Monitoring (e.g., IDS)

[Illustration: scrambled text standing for encrypted data]

How to use WiFi securely?

❖ Use only trusted WiFi networks (access points)
❖ Look carefully at the access point name
❖ Remove unused access point names from the list
❖ Connect only to encrypted connections (WPA and WEP)
❖ Install the “HTTPS Everywhere” extension for Chrome and Firefox
❖ Do not share files and folders
❖ Turn on personal firewall

Details in Thai : http://foh9.blogspot.com/2012/09/blog-post.html
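
One way to check the saved-network advice above on a Linux laptop, as an added example that is not part of the original slides: it reads saved Wi-Fi profiles in NetworkManager keyfile format and reports the ones that are unencrypted, use WEP, or auto-connect to an open network. The sample profiles and the function names `audit_profile` and `profiles_to_review` are constructed for illustration, and treating every other `key-mgmt` value as WPA-family is an assumption of this sketch.

```python
import configparser

# Constructed sample profiles in NetworkManager keyfile format (Linux);
# they are illustrations, not data from the slides.
SAMPLES = [
    "[connection]\nid=Airport_Free_WiFi\ntype=wifi\n"
    "[wifi]\nssid=Airport_Free_WiFi\n",
    "[connection]\nid=OldRouter\ntype=wifi\nautoconnect=false\n"
    "[wifi]\nssid=OldRouter\n[wifi-security]\nkey-mgmt=none\n",
    "[connection]\nid=Office\ntype=wifi\n"
    "[wifi]\nssid=Office\n[wifi-security]\nkey-mgmt=wpa-psk\n",
]

# key-mgmt values that mean static or dynamic WEP in a keyfile.
WEP_MODES = {"none", "ieee8021x"}


def audit_profile(text):
    """Return (ssid, security, autoconnect, findings) for one saved profile."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    ssid = cp.get("wifi", "ssid", fallback=cp.get("connection", "id", fallback="?"))
    # NetworkManager treats a missing autoconnect key as true.
    auto = cp.getboolean("connection", "autoconnect", fallback=True)
    if not cp.has_section("wifi-security"):
        security = "open"          # no security section: unencrypted network
    elif cp.get("wifi-security", "key-mgmt", fallback="none") in WEP_MODES:
        security = "wep"
    else:
        security = "wpa"           # assumption: wpa-psk, wpa-eap, sae and similar
    findings = []
    if security == "open":
        findings.append("unencrypted: traffic is readable by passive sniffers")
    elif security == "wep":
        findings.append("WEP is deprecated: move the AP to WPA2 or newer")
    if auto and security == "open":
        findings.append("auto-connect on: device joins any AP using this name")
    return ssid, security, auto, findings


def profiles_to_review(profiles):
    """SSIDs whose saved profile has at least one finding."""
    return [r[0] for r in map(audit_profile, profiles) if r[3]]


if __name__ == "__main__":
    for ssid, security, auto, findings in map(audit_profile, SAMPLES):
        print(f"{ssid:20} {security:5} autoconnect={auto} {findings or 'ok'}")
```

Profiles listed by `profiles_to_review` are the candidates for the "remove from list" step, or at least for switching auto-connect off.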


Network-connected system


New generation

❖ PC-like
❖ Connect to the internet
❖ Many apps provided
❖ Not many people are concerned about security

What will we do, if ...

❖ Malware infects a TV or refrigerator
❖ TVs are hacked
❖ Spam is sent to show on our TV
❖ Game consoles break down because of malware or hackers
❖ We need to investigate TVs or other non-PC devices to find criminals

Endpoint Protection

❖ Do not Root or Jailbreak
❖ Install Anti-malware software
❖ Lock the phone with a secure PIN code
❖ Finding our phone
  ❖ iPhone and Galaxy have their own software
  ❖ For others, use Anti-malware software (e.g. Avast, and Sophos security and antivirus)
❖ Wiping our phone remotely
❖ Do not post our phone number publicly
❖ Browse the web securely -> next page

Do not use these pincodes

http://nakedsecurity.sophos.com/2011/06/14/the-top-10-passcodes-you-should-never-use-on-your-iphone/

Securing a mobile for web browsing

❖ Do not click on suspicious links
❖ Consider URLs carefully and beware short URLs
❖ Use 3G rather than free WiFi
❖ Use a VPN
❖ Be selective with your browsing
❖ Keep your device secure
❖ Download from trusted sources
❖ Keep your OS and apps up-to-date

Cyber Terrorists

❖ Mobile weaponing
  ❖ Bot on Mobile
  ❖ DDoS
❖ PwnPad

Conclusion

❖ Wireless technology is growing fast
❖ More convenience, but easier to attack
❖ Protection needs to be done by both providers and users
❖ Security awareness is the most important
