Personal Cybersecurity (Part 33): Discount Devices, Premium Problems: The Risks of Low-Cost Easy Accessible Cyber Tools

What Can I See in Your Home? Wi-Fi and Bluetooth Scanning with Cheap Devices and Cybersecurity Firmware

Introduction

In today's digital age, securing your home network is paramount. Inexpensive tools, combined with cybersecurity firmware, can scan Wi-Fi and Bluetooth signals, revealing a surprising amount of information about your home network and valuable possessions.

The Power of Cheap Off The Shelf Devices

Cheap IoT (Internet of Things) and IIoT (Industrial Internet of Things) devices are compact, affordable, and versatile. Equipped with freely available cybersecurity firmware, these devices can perform extensive network scans. This capability means that anyone with basic technical knowledge can identify and access unsecured devices on your network.

The cost for these device ranges from AUD $30 to $300. They are legitimate devices manufactured and sold for a variety of education and industrial purposes, for example I use one as a GPS logger in my car, so I can use the GPS information for embedding into photos and GoPro videos. I also use some for home automation. But they can be reprogrammed very easily, with numerous tutorials on YouTube for nefarious purposes or for use attacking your own networks to highlight your own vulnerabilities and improve your own security.

Wi-Fi Vulnerabilities

Your home Wi-Fi network can be a goldmine for intruders. Unsecured networks can expose your browsing habits, personal data, and even control of smart home devices. It's crucial to use strong, unique passwords and enable encryption like WPA3 to safeguard your Wi-Fi network.

Bluetooth Security Risks

Bluetooth devices are ubiquitous, from headphones to smart home gadgets. However, Bluetooth signals can be intercepted if not properly secured. By scanning Bluetooth signals, intruders can identify valuable items such as smart TVs, high-end speakers, and other electronics.

Creating an Inventory of Bluetooth Devices

A burglar can use inexpensive tools to perform a Bluetooth scan and effectively create an inventory of your devices. Tools like the Ubertooth One or even the Flipper Zero can identify and catalog every Bluetooth-enabled device in your home. This includes:

• Smartphones and Tablets: Easily identified by their unique identifiers.
• Smart Home Devices: Speakers, TVs, and even refrigerators that broadcast Bluetooth signals.
• Wearables: Fitness trackers and smartwatches that constantly emit Bluetooth signals.

By creating this inventory, a burglar can determine the presence of high-value items, making it easier to target specific devices during a break-in.

Deauthentication Attacks

Another significant threat is the deauthentication (deauth) attack. Devices like the M5StickC, Raspberry Pi, or ESP8266 can be used to send deauth packets, effectively kicking devices off your Wi-Fi network. This disruption can be used to force devices to reconnect to a rogue access point, capturing sensitive information in the process.

The Threat of Deauthentication Attacks

Recent news stories have highlighted how these devices can be used to compromise network security. Cybercriminals can set up rogue devices to intercept data and gain unauthorised access to personal information.

A notable case involved a man using inexpensive tools to create fake Wi-Fi networks at airports and on flights, capturing personal information from unsuspecting travellers. Read more.

Disabling Wi-Fi Enabled CCTV

A burglar could also use a deauth attack to disable your Wi-Fi enabled CCTV cameras. By sending deauth packets, the burglar can:

• Interrupt the CCTV feed: Preventing the cameras from recording or transmitting footage.
• Disable alerts: Stopping the system from sending notifications of detected motion or intrusions to your smartphone or monitoring service.

This can provide a window of opportunity for the intruder to break in without being detected or recorded.

Avoiding Deauth Attacks on CCTV Systems

To protect your Wi-Fi enabled CCTV systems from deauth attacks, consider the following measures:

• Use Wired Connections: Whenever possible, use LAN connections for your CCTV cameras. Wired connections are immune to Wi-Fi-specific attacks.
• Enable 5GHz Wi-Fi: If Wi-Fi is necessary, configure your cameras to use the 5GHz band, which experiences less interference than the 2.4GHz band. Many inexpensive IoT/IIoT devices used for deauthentication attacks operate on the 2.4GHz band, so using 5GHz can enhance security and reduce the risk of such attacks. However, note that 5GHz networks have a shorter range and may not penetrate obstacles as well as 2.4GHz networks.
• Strong Encryption: Use WPA3 encryption to secure your Wi-Fi network and prevent unauthorised access.
• Firmware Updates: Regularly update the firmware of your CCTV cameras and router to protect against known vulnerabilities.
• Network Segmentation: Create a separate network for your IoT devices, including CCTV cameras, to isolate them from your main network.
• Monitoring Tools: Use network monitoring tools that can detect and alert you to deauth attack attempts in real-time.
• Built-in Deauthentication Attack Prevention/Mitigation: Some routers come equipped with advanced security features that detect and prevent deauthentication attacks. These features may include Intrusion Detection and Prevention Systems (IDS/IPS), real-time threat monitoring, and automated responses to suspicious activities, enhancing the overall security of the network.

Advantages of LAN Connections

To mitigate these risks, consider using wired LAN connections where possible. LAN connections offer several advantages:

• Stability: Wired connections are not susceptible to Wi-Fi interference and are generally more stable.
• Security: LAN connections are immune to Wi-Fi-specific attacks like deauthentication.
• Speed: Wired connections often provide faster and more consistent data transfer rates compared to Wi-Fi.

Steps to Enhance Network Security

• Use Strong Passwords: Create complex passwords for your Wi-Fi and all connected devices.
• Enable Encryption: Use WPA3 encryption for your Wi-Fi network to protect against unauthorised access.
• Firmware Updates: Regularly update the firmware of all your devices to fix security loopholes.
• Device Management: Regularly check connected devices to ensure no unknown devices are accessing your network.
• Disable Unnecessary Features: Turn off Wi-Fi and Bluetooth when not in use to minimise exposure.

Proactive Monitoring

Consider using network monitoring tools that alert you to unusual activities. These tools can provide real-time notifications if new devices connect or if there are attempts to breach your network.

Physical Security

Beyond digital security, physical security of your network devices is essential. Ensure your router and other network hardware are in secure locations, inaccessible to unauthorised individuals.

Conclusion

In an era where digital threats are ever-evolving, proactive steps to secure your home network are crucial. By understanding the capabilities of IoT/IIoT and other cybersecurity penetration devices and implementing robust security measures, you can significantly reduce the risk of cyber intrusions.

Are you confident in the security of your home network?

#CyberSecurity #TechSafety #NetworkSecurity #PersonalPrivacy #WiFiSecurity #BluetoothSafety