HKCERT Releases New Study to Raise Security Awareness of Wi-Fi Devices

The applications of the Internet of Things (IoT) are becoming more diverse with the rapid development of wireless technology. Each type of IoT devices need to adopt the appropriate wireless technology to suit its application requirements, with Wi-Fi being the most popular wireless networking due to its blazing fast transmission rate and easy deployment. Home and business areas are some common scenarios for Wi-Fi applications where users can easily connect a Wi-Fi network with a personal computer or mobile phone to access the Internet.

The most noticeable advantage of Wi-Fi is that it can meet the networking requirements of nearly all IoT devices. Many are Wi-Fi enabled, for example, Wi-Fi routers, network cameras and smart home appliances which are very common in our everyday lives. Yet their cyber security risk should not be neglected. Any IoT devices connecting to the Internet through Wi-Fi may encounter security threats from the Internet. Also, various kinds of security vulnerabilities are found in the authentication and encryption methods for Wi-Fi technology. Consequently, Wi-Fi security has attracted much attention from general users, IT operators and product developers.

For IoT devices, there are relatively few security protection programs. Also, users often ignore update patches of IoT devices that can substantially increase the security level of their devices, leaving them more vulnerable to cyber attacks. Attackers may use improper device configuration or vulnerabilities to launch attacks, triggering sensitive information disclosure and remote code execution.

To this end, HKCERT recently completed a study on the security level of Wi-Fi devices. Apart from identifying the types of Wi-Fi authentication and encryption protocols and the recommended configuration methods, it also conducted security analysis on the port management, transmission encryption and authentication management for some of such devices currently available in the market. Through the analysis, HKCERT hopes to illustrate relevant security issues and to help raise security awareness of Wi-Fi devices among product developers and general users. The study also offers useful tips on strengthening the overall security of Wi-Fi devices.
 

Please click “IoT Device (Wi-Fi) Security Study” to download. Should users or developers have any comments or enquires about the study, they are most welcome to contact HKCERT via email: [email protected] or its 24-hour telephone hotline: 8105 6060.