Cybersecurity Fundamentals - Assessing and Analyzing Personal Cybersecurity Practices

ICT111

Cybersecurity Fundamentals

Assessment 2 -

Analysing Personal Cybersecurity Practices

Student ID –

Student Name -

List of Figures

Introduction

The ascendancy of wireless networks, personal Wi-Fi in particular, has brought a set of new problems concerning cybersecurity. As people manage to hook several devices like smartphones, laptops, and IoT devices to home networks, the attack surface of cyber threats gets expanded many folds. This report aims at assessing and analyzing personal cybersecurity practices, with particular reference to the security of wireless networks. This report, upon evaluating the current configuration of a personal Wi-Fi network, will consider the risk that has been identified and assess its impact on the situation at hand. The report will then further suggest practical strategies to mitigate this risk.

A proper evaluation of the network environment will be done by these tools, which is Wireless Monitor Tool, as well as by commands in Microsoft Windows Network Shell, by focusing on encryption protocols, signal strength, and network security settings. Lastly, the personal network security will be compared to another network, such as a public Wi-Fi network so that there can be a better understanding of vulnerabilities as well as risks.

Network Inventory and Risk Identification

The first step toward developing a robust security posture in wireless networks is to have knowledge of the prevailing network setup, the potential threats, and the vulnerabilities that exist.

Personal Wi-Fi Network Setup

It is a home Wi-Fi network that contains a wireless router connected to the Internet Service Provider, or ISP, so it will allow spreading the internet connection to any number of devices using wireless signals. In particular, this network uses a [Router Brand and Model], which supports encryption through WPA3.

Router Configuration

It supports both 2.4GHz and 5GHz bands. As flexibility is demonstrated by the router in network management as well as in device connection, flexibility can be its most dominant feature. This makes it possible to have more protection from connected devices (IO, 2024). Despite multiple threats still present, there are many others that could take place.

Connected Devices

There are approximated ten devices connected to the network. Each one represents potential vulnerabilities. In particular, IoT devices are much riskier in terms of security, due to typically much weaker protection mechanisms as compared to laptops and smartphones.

Figure 1 Home Network Diagram

Possible Threats to Security

Weak Router Setting

Although WPA3 can provide more secure encryption, other router settings can create the possibility of vulnerabilities to the network. This may be a defaulted SSID broadcast setting, the failure to update the router firmware, or allowing the remote access capability without security. This allows unauthorized access to the network (Muraleedhara and Bhangepatil, 2024).

Encryption and Security Protocols

This encryption is on par with the current industry standard, WPA3. However, by linking devices that only support WPA2, it still leaves room open for potential vulnerability. WPA2 has remained the most used encryption protocol currently; however, it has been proven to be vulnerable to KRACK (Key Reinstallation AttaCK) exploits, which allows them to decrypt data transmitted (IO, 2024).

Device Security

Every device connected presents its unique threat, especially if there have not been regular installations of security patches or updates. In addition to this, IoT products such as thermostats and smart cameras are much more vulnerable to attacks since their computing power is low and often their security measures are incomplete (Gupta and Kumar, 2020).

Data Collection Using Tools

Wireless Monitor Tool

Wireless Monitor Tool scans the wireless network environment. The tool included some crucial information such as SSID Service Set Identifier), BSSID Basic Service Set Identifier), signal strength, and security type. This would make it easier for hackers to tap on signals, especially if the network is close to the public spaces (NirSoft, 2023).

Figure 2 WifiInfoView

Windows Network Shell Commands (netsh)

Advanced network settings were discussed through Windows Network Shell commands. Detailed information about the Wi-Fi connection was then revealed by the command netsh wlan show interfaces, including signal quality, channel frequency, and network authentication (Microsoft, 2023).

Figure 3 NETSH

Applying Cybersecurity Concepts

Encryption, network security protocols, and strength of signals are major concepts of cybersecurity while assessing the security of a Wi-Fi network. WPA3 encryption offers strong protection against brute force and key recovery attacks, making it even much stronger than WPA2 (Ali and Olokunde, 2020). Old devices that only support WPA2 will still weaken the security of the network as well.

Risk of Unauthorized Access

One of the major identified risks is unauthorized access to the network. The attacker might gain access to confidential information or perform his evil activity by posing on the network, such as launching Distributed Denial of Service (DDoS). Some rigorous measures needed to be taken against this risk are strengthening the policy for passwords, removing remote access services, and updating firmware regularly (Gupta and Kumar, 2020).

Signal Interception

However, because it has been previously discussed, weak signal areas will become an interception risk, which can be significant in many home premises where the Wi-Fi range goes outside of the house. Optimizing the placement of the router and application of advanced techniques for signal encryption would help abate such risks.

Figure 4 NETSH: All information of Profile

Risk Assessment and Analysis

Given the proper risk assessment, it is of extreme importance that a personal Wi-Fi network has knowledge about the vulnerabilities that may expose the network to cyber-attacks.

Comparison of Personal, Public and Private Wi-Fi Networks

Personal Wi-Fi Network

This is a personal Wi-Fi network employing WPA3 encryption, all of which are explained above; thus, it's a high-security protocol that shuns brute force attacks. Advanced configuration settings on this network include an SSID mask and multi-factor authentication, which requires even MFA for its administrative access and password complexity requirements (Ali and Olokunde, 2020).

Public Wi-Fi Network

A public Wi-Fi network typically does not have this security feature, and it usually relies on obsolete encryption techniques like WPA2 or even open networks that are nonsecured (Huang and Lee, 2021). Public networks are prone to MITM attacks wherein a dialogue between two parties is intercepted by a hacker and either overheard or altered.

Private Network

For clarification, a second private network was tested. Unlike the personal Wi-Fi example above, this network depended on WPA3 encryption but had a better configuration on the router side with current firmware updates, strict policies on which devices access the network, and better segmentation on the network side. This network, therefore, is an example of a more secure approach because of its strong setup configurations (Smith, 2022).

Identified Risks and Vulnerabilities

From the comparison and inventory analysis, a few specific risks were identified with regard to their variables of potential impact and likelihood. Such risks are categorized and analyzed below.

Outdated Device Firmware

Firmware that is either outdated or not up-to-date in connected devices, and especially in IoT, is a significant threat. Firmware upgrade packages usually contain patches for known vulnerabilities, which if not installed might leave the network open to exploit by unauthorized access or denial-of-service (DoS) attacks (Gupta and Kumar, 2020).

Weak Router Settings

Aside from these weak encryption methods like WPA3, weak router configurations include default login details, remote access enabled with poor configurations, and firmware not patched open the door to hackers (Muraleedhara and Bhangepatil, 2024).

Signal Interception

Signal capture is the interception of wireless signals by a person who is near the network, hence taking control of the data transmitted. The threat is more significant when Wi-Fi in a house or workplace extends beyond the boundaries of the building into a public space or in apartment houses.

Device Management

Device users do not manage them correctly-mostly do not apply security updates, do not change passwords on one device but on more than one, and have never used any particular firewall feature. Such behavior increases the possibilities of being infected by malware, unauthorized access, or data breaches (CISA, 2021).

Public Wi-Fi Exposure

More so, devices that have accessed public Wi-Fi networks will be more vulnerable to malware and MITM attacks or other types of cyber threats. Subsequently, when they reconnect to the personal network, they spread malware or give a backdoor access to attackers to grab sensitive information (Huang and Lee, 2021).

Poor Network Segmentation

Network segmentation is the division of the network into smaller parts or sub-networks, to ease and provide management as well as security over devices connected to the network. The personal network is not fully segmented. This may increase the likelihood of a lateral movement over the network in case the network gets breached (Smith, 2022).

Figure 5 Risk Assessment Matrix

Threat Level and Impact Analysis

Outdated Firmware on a Device

Devices may be exploited remotely by known vulnerabilities if their firmware are not updated. The impact could range from unauthorized access to the network, data breaches or total network failure which can cause unavailability of services rendering users' personal data exposed to hackers (Ali and Olokunde, 2020).

Bad Router Configuration

Weak router settings-most especially in the cases of default passwords or remote access enablement without proper security configurations- tend to highly facilitate unauthorized access. Once the attacker has control over the router, he may change the security settings, reroute traffic, or launch other attacks on devices connected to it (Muraleedhara and Bhangepatil, 2024).

Signal Interception

Signal interception is a somewhat likely threat because WPA3 encryption renders it much more challenging to achieve unauthorized access. The potential impact is moderate because intercepted data will likely be encrypted (NirSoft, 2023).

Device Mismanagement

Because of user behavior, poor device management is still a major issue. If general security hygiene is not implemented, for example in terms of update installations and strong passwords, the risk of malware infection or unauthorized access is more considerable.

Public Wi-Fi Exposure

Unsecured public Wi-Fi networks come with highly significant risks because they impose very minimal security controls. Devices that often connect to the public network then go ahead to rejoin the personal network provide back doors for malware or cyber-attacks leading to data leakages or network instability (Huang and Lee, 2021).

Unsecured Network Segmentation

Poor network segmentation allows malicious actors to move laterally across devices in case of breach. With compromised one device, an attacker can easily gain access to many other more critical devices, which leads to more potential loss or alteration of data (Smith, 2022).

Risk Treatment and Justification

After conducting appropriate risk analysis, countermeasures need to be developed and established for each of the risks identified.

Obsolete Firmware of the Device

The most effective way to reduce the risk associated with obsolete firmware of the devices is to allow regular updates of every device in the network, particularly the IoT devices since these devices often miss necessary updates. Adopt the following:

1. Automatic Updates

2. Firmware Versions Checking

3. Notification Enablement

4. To replace unsupported devices: any device which no longer receives firmware updates should be replaced with newer devices that support.

Justification

The firmware can often address the vulnerabilities and security flaws that an attacker may use. The devices with all the newest firmware, therefore, diminish to a great extent the likelihood of successful exploitation, and thus, risks from unauthorized access and malware infections. Firmware updates also resonate well within the theme of "secure by design" environments where all the components are kept at the highest security standards (Gupta and Kumar, 2020).

Figure 6 Update Firmware

Flimsy Router Settings

To overcome weak router settings, the following steps can be followed.

1. Use New Username and Password

2. Turn off Remote Access

3. Turn on WPA3 Encryption

4. Turn on Firewall and IDS/IPS

5. Restrict Admin Access

Justification

The new access credentials instead of the default ones is probably the easiest yet most effective method to prevent unauthorized access into the network. Most cyber attacks rely on default login credentials only because the availability is public for every router model. Secure remote access also means that hackers cannot gain control over access to the LAN from outside. The WPA3 encryption proves the most secure against a brute force attack and any kind of cryptographic exploitation as defined by IO, 2024. The firewall as well as IDS/IPS features protect the network against possible intrusion through traffic analysis.

Figure 7 Upgrades Encryption

Signal Interception

There are various measures that can be taken in order to counter signal interference:

1. Centralize Router Location

2. Reduced Signal Power

3. Guest Networks

4. Track Signal Activity

Justification

By adjusting the strength of your signal, you are making it increasingly difficult for those nefarious hackers to intercept your wireless communications. Controlling your signal strength and where you site your routers limits external access to your Wi-Fi, and a guest network puts another layer of security between less important devices. Monitoring your network for rogue devices brings to light many potential interceptions attempts long before they could happen, giving you plenty of time to take precautions.

Device Mismanagement

The following can improve device management and reduce possible risks of mismanagement

1. Use complex passwords for all devices used

2. Enable Two-Factor Authentication wherever available

3. Install Security Software

4. Device Management Schedules

Justification

With proper device management, the connected users are protected from common threats such as malware, unauthorized access, and data breaches. Use of strong passwords, use of two-factor authentication, as well as security software will enhance protection against brute force attacks, phishing, and malware. The best means of maintaining an optimal security posture is reviewing devices and their security settings constantly since mismanagement does not introduce vulnerabilities into the network (Muraleedhara and Bhangepatil, 2024).

Figure 8 MAC Filter

Public Wi-Fi Exposure

The following measures are adopted to mitigate risks caused by public Wi-Fi exposure.

1. Employ VPN

2. Disable Automatic Wi-Fi Connections

3. Public Wi-Fi

4. Device Malware and Network Activity Monitor

Justification

Public Wi-Fi is an identified attack risk, especially man-in-the-middle attacks where hackers steal unencrypted data. A VPN encrypts all traffic such that, for example, attackers will not see or alter the data. Automatic connections may be disabled, and if this option is accepted, devices will not connect to compromised networks. With limited sensitive activities and scanning of devices after surfing public Wi-Fi, the chance of attacks or malware infection will be minimal (IO, 2024).

Figure 9 Enable VPN

Poor Network Segmentation

You can configure network segmentation in the following ways:

1. Internets

2. Restrict inter-network communications

3. Monitor Segment Traffic

Justification

Network segmentation cuts devices off from each other and minimizes the damage inflicted by a potential breach. Once an IoT device is compromised, the attacker will not directly gain access to other critical resources within other segments. Segmenting also limits inter-network communication and would allow for swift detection of breaches combined with containing them, stopping lateral movement in a network.

Conclusion

This report scrutinized and analyzed personal cybersecurity practices relative to safety when accessing the wireless network. This was possible because of the use of other tools, including the Wireless Monitor Tool, whereby the Windows Network Shell Commands showed some of the risks faced by outdated firmware, weak router settings, signal interception, device mismanagement, and public Wi-Fi exposure. It thus categorized each risk with regard to its potential impact and likelihood. Significant evaluation was done to determine its vulnerabilities through the network analysis.

An effective risk treatment strategy was recommended with some strategies such as the firmware upgrades, stronger encryption methods like WPA3, proper configuration of a router, and optimal management of the attachments. This also included suggestions on securing the connections over public Wi-Fi and leakage prevention. Each of these recommended treatments was motivated by relevant cybersecurity principles and best practices to ensure that the suggestions made are both feasible and workable.

References

Ali, A., and Olokunde, T., 2020. Enhancing Wi-Fi network security through modern encryption protocols. Journal of Cybersecurity Studies, 12(2), pp. 75-88. Available at: http://jomardpublishing.com/UploadFiles/Files/journals/JTME/V8N3/Alabady_et_al.pdf (Accessed on: 1 October 2024)

CISA, 2021. Securing Wireless Networks. Available at: https://www.cisa.gov/news-events/news/securing-wireless-networks (Accessed on: 1 October 2024)

Gupta, P., and Kumar, N., 2020. Cyber threats in wireless networks: An analysis of vulnerabilities in modern routers. Network Security Journal, 8(1), pp. 35-50. Available at: https://www.researchgate.net/publication/366681645_A_Cyber_Security_Threats_Vulnerability_Challenges_and_Proposed_Solution (Accessed on: 1 October 2024)

Huang, Y., and Lee, K., 2021. A comparative analysis of public Wi-Fi network risks. Wireless Networks and Security, 14(5), pp. 210-228. Available at: https://www.researchgate.net/publication/339273589_Cyber_Security_Awareness_Knowledge_and_Behavior_A_Comparative_Study (Accessed on: 1 October 2024)

IO, 2024. WPA2 vs WPA3: Key Difference in Wi-Fi Security Protocols. Available at https://io.hfcl.com/blog/wpa2-vs-wpa3/ (Accessed on: 1 October 2024)

Microsoft, 2023. Netsh command documentation. Microsoft. Available at: https://learn.microsoft.com/en-us/windows-server/networking/technologies/netsh/netsh-contexts (Accessed on: 1 October 2024)

Muraleedhara, P., and Bhangepatil, A., 2024. Risk, Exploits and Remediation. Cyber Defense Magazine. Available at: https://www.cyberdefensemagazine.com/wireless-peripheral-devices-security-risk-exploits-and-remediation/ (Accessed on: 1 October 2024)

NirSoft, 2023. Wifi Information View. NirSoft. Available at: https://www.nirsoft.net/utils/wifi_information_view.html (Accessed on: 1 October 2024)

Openlearn, 2024. Encryption in wireless networking. Available at: https://www.open.edu/openlearn/mod/oucontent/view.php?id=48321&section=2.2 (Accessed on: 1 October 2024)

Smith, R., 2022. Evaluating network security protocols for home networks. Journal of Network Engineering, 22(3), pp. 45-61. Available at: http://his.diva-portal.org/smash/get/diva2:1800345/FULLTEXT01.pdf (Accessed on: 1 October 2024)