WiFi Signal Sniffer: Detecting Rogue Signals
GrayMatter Develops WiFi Signal Sniffer to Detect Rogue WiFi on the Plant Floor
A customer wants GrayMatter’s help to detect unauthorized WiFi hotspots that contractors and other visitors routinely use to gain quick Internet access while they work on a plant floor.
Unfortunately, every smartphone hotspot represents a potential cybersecurity breach that a cybercriminal could use to exploit sensitive data or launch a malware attack.
With industrial facilities that can be measured in acres rather than square feet, it’s difficult to spot someone using a smartphone or other device to provide Internet access while they’re working at a site temporarily.
As we all know, people don’t always choose a strong password to access their WiFi. Sometimes, there’s no password at all.
“If I’m a nefarious person and I want to get into your (company’s) network, and I see you have a cellphone that is producing a WiFi hotspot, and it’s plugged into the main plant computer or a PLC and charging, you just bridged the gap and allowed us access into the system to do things we shouldn’t be able to do,” explained Tom Walker, a GrayMatter cybersecurity consultant.
ProjectX: WiFi Signal Sniffer on the Plant Floor
Tom Walker, GrayMatter
The WiFi Signal Sniffer, built from a Raspberry Pi 4
Walker developed a portable solution that allows the customer to sniff out rogue WiFi signals on the plant floor.
The device — built from a Raspberry Pi 4 (a tiny, customizable computer) — connects to a database and reports its findings on a dashboard where employees can catalogue and track the unauthorized signals and make sure the hotspot user follows the proper access protocols.
The WiFi “signal sniffer” can collect data including a device’s MAC and IP addresses and its security encryption protocol such as WPA2, WPA and even WEP. WEP is an outdated and flawed encryption standard that some people still use, Walker said, despite its well-documented vulnerabilities.
“Now somebody can walk through and say, ‘Hey, you shouldn’t be setting up these WiFi access points,” Walker said.
Portability is key to Walker’s design since industrial environments are filled with concrete walls, steel parts, frequency interference and heavy equipment that can block WiFi signals over long distances.
Walker said his security measure is a smart precaution because rogue WiFi signals are such a common problem in industrial settings and beyond. If you’ve ever visited a donut shop and used your phone to search for an available WiFi signal, you know there’s no shortage.
Walker said a motivated cybercriminal could sit outside an industrial facility and use a homemade antenna to scan for rogue WiFi signals that have little or no security. Finding rogue WiFi signals helps, he said, but the larger goal is encouraging visitors and employees to adopt a smarter, ingrained approach to cybersecurity.
“It’s all about getting that visibility,” Walker said. “A lot of people don’t think about it or realize it. Someone could have had a hotspot on in their car and forgot to turn it off before walking onto a plant floor. It’s about making people aware and conscious of it while they’re there to do a job.”
GrayMatter believes in customized cybersecurity for operational technology.
We co-innovate solutions that address the unique needs of each customer. The WiFi signal sniffer is the perfect example of a critical security issue in an industrial, environment that requires an innovative approach.
The customer in this story is in the automotive manufacturing industry and relies on dozens if not hundreds of contractors every day, but many manufacturing facilities in various industries confront the same OT cybersecurity challenges.