The commoditization of attack tools with simple user interfaces such as the Wi-Fi Pineapple by Hack5 made it possible for curious amateurs to perform advanced Wi-Fi attacks. Amateur Wi-Fi hacking has attracted a large following; there are nearly 3 million “how to” tutorial videos online teaching curious people how to leverage commoditized attack tools to perform man-in-the-middle attacks on 802.11 networks and steal sensitive information out of the air.
The same trends that spurred the expansion of Wi-Fi hacking, are now beginning to impact criminal activities involving other wireless standards. These trends are possible due to the affordability and availability of software define radios (SDR), a RF technology that allows a device to talk and listen to a very broad range of wireless frequencies. SDR-based attack tools have already been introduced to the market, namely the HackRF One by Great Scott Gadgets and the community of YouTube videos is growing quickly with “how to” topics ranging from unlocking luxury car doors to spoofing GPS signals.
At the same time, demand for wirelessly connected devices continues to grow sharply and equipment vendors are incorporating wireless connectivity into a variety of products ranging from cars to gas/water meters, personal health devices, and alarm systems. This creates many interesting new targets for wireless hacking.
In 2018, expect new attacks leveraging SDR technology to intercept and decode traffic from a variety of wireless devices that incorporate protocols such as Zigbee, Sigfox, Bluetooth, RFID, LoRA, and 802.11 variations. As part of their 2018 Security Predictions series, WatchGuard Technologies has addressed this issue in the following video.