Mobile Threat Catalogue

Wi-Fi Hotspot Hijacking

Contribute

Threat Category: Network Threats: Wi-Fi

ID: LPN-3

Threat Description: Malicious Wi-Fi networks could masquerade as legitimate Wi-Fi networks, allowing adversaries to intercept or potentially manipulate device communications.

Threat Origin

Guidelines for Securing Wireless Local Area Networks (WLANs) (SP 800-163) 1

Exploit Examples

FCC Fines Marriott $600,000 for Jamming Hotel Wi-Fi 2

CVE Examples

Not Applicable

Possible Countermeasures

Mobile Device User

When choosing to connect to an unencrypted and potentially spoofed Wi-Fi network, to reduce the probability of connecting to a malicious network, verify the network appears consistently geolocated with the host (e.g., on the premises), and if possible, verify with a representative that the intended Wi-Fi network is the one they host.

To decrease the probability of connecting to a spoofed Wi-Fi network, configure devices to not automatically connect to unknown Wi-Fi networks, and to ‘forget’ public networks once they are no longer in use.

Enterprise

To greatly decrease the probability of this attack, only allow mobile devices to connect to authorized Wi-Fi networks that use WPA2 encryption with a strong pre-shared key (for personal mode).

References

  1. M. Souppaya and K. Scarfone, Guidelines for Securing Wireless Local Area Networks (WLANs), SP 800-163, National Institute of Standards and Technology, 2016; http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-153.pdf [accessed 8/24/2016] 

  2. G. Fleishman, “FCC fines Marriott $600,000 for jamming hotel Wi-Fi”, blog, 3 Oct. 2014; http://boingboing.net/2014/10/03/fcc-fines-marriott-for-jamming.html [accessed 8/24/2016]