Wireless Compromise

From attackics
Jump to navigation Jump to search
Wireless Compromise
Technique
ID T860
Tactic Initial Access
Data Sources Network protocol analysis, Packet capture, Network intrusion detection system
External Contributors Scott Dougherty

Description

Adversaries may perform wireless compromise as a method of gaining communications and unauthorized access to a wireless network. Access to a wireless network may be gained through the compromise of a wireless device.12 Adversaries may also utilize radios and other wireless communication devices on the same frequency as the wireless network. Wireless compromise can be done as an initial access vector from a remote distance.

A joint case study on the Maroochy Shire Water Services event examined the attack from a cyber security perspective.3 The adversary disrupted Maroochy Shire's radio-controlled sewage system by driving around with stolen radio equipment and issuing commands with them. Boden used a two-way radio to communicate with and set the frequencies of Maroochy Shire's repeater stations.

A Polish student used a modified TV remote controller to gain access to and control over the Lodz city tram system in Poland.45 The remote controller device allowed the student to interface with the tram’s network to modify track settings and override operator control. The adversary may have accomplished this by aligning the controller to the frequency and amplitude of IR control protocol signals.6 The controller then enabled initial access to the network, allowing the capture and replay of tram signals.4