Wireless networks are a massive security risk and yet almost required in most homes and businesses. While close proximity to the target is required, some fundamental issues with the WiFi protocol allow determined attackers to break into wireless networks.
A famous example is the GRU hack of the OPCW in 2018, where Russian intelligence officers attempted to break into wireless networks but were detected and stopped by Dutch military intelligence. There are good overviews by the BBC and The Guardian if you want to learn more.
Attack platforms like the WiFi Pineapple are easy to acquire and cheap. There are many examples of different attacks utilizing several access vectors with commodity hardware.
Unfortunately, the defensive side of technology has not kept up, and many available wireless intrusion detection systems are either signature-based and easily tricked, or rely on machine learning algorithms that produce false positives and alert fatigue in the extremely unpredictable noise of wireless networks.
Nzyme is taking a different approach, looking for extremely hard-to-spoof traces of attacks or other unusual behavior.
Lennart hosted a Twitch stream about WiFi security and uploaded the recording to YouTube.
Actions required to discover and join WiFi networks are communicated using management frames. Unfortunately, these frames are completely unencrypted in the vast majority of network configurations. This opens WiFi networks to many attacks that rely on spoofing or eavesdropping, and can even cause severe privacy issues.
The reason for the unencrypted nature of the management frames is simple: To be able to negotiate joining a network and encrypting further communication, the initial communication has to happen without encryption or the two sides could not talk to each other. Management frames can be encrypted in some enterprise networks, where a client needs to download and install a certificate before it can connect to the network.
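To make the point about unencrypted management frames concrete, the following added example (not nzyme's code) parses a raw 802.11 management frame and reads its Protected Frame flag, addresses and SSID directly from the bytes. The function names and the sample beacon are constructed for illustration, and the input is assumed to be a bare 802.11 frame without a radiotap header or trailing FCS.

```python
import struct

MGMT_SUBTYPES = {0: "assoc-req", 1: "assoc-resp", 4: "probe-req",
                 5: "probe-resp", 8: "beacon", 11: "auth"}
# Fixed body bytes that precede the tagged elements, per subtype.
FIXED_LEN = {4: 0, 5: 12, 8: 12}

def mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def parse_mgmt(frame: bytes) -> dict:
    """Parse the MAC header of a management frame and, if readable, its SSID."""
    if len(frame) < 24:
        raise ValueError("shorter than a management MAC header")
    fc, = struct.unpack_from("<H", frame, 0)       # Frame Control, little-endian
    ftype, subtype = (fc >> 2) & 0x3, (fc >> 4) & 0xF
    if ftype != 0:
        raise ValueError("not a management frame")
    info = {"subtype": MGMT_SUBTYPES.get(subtype, f"subtype-{subtype}"),
            "protected": bool(fc & 0x4000),        # Protected Frame bit
            "dst": mac(frame[4:10]), "src": mac(frame[10:16]),
            "bssid": mac(frame[16:22]), "ssid": None}
    if subtype in FIXED_LEN and not info["protected"]:
        pos = 24 + FIXED_LEN[subtype]
        while pos + 2 <= len(frame):               # walk the tagged elements
            eid, elen = frame[pos], frame[pos + 1]
            data = frame[pos + 2:pos + 2 + elen]
            if len(data) < elen:
                break                              # truncated element
            if eid == 0:                           # element ID 0 is the SSID
                info["ssid"] = data.decode("utf-8", "replace")
                break
            pos += 2 + elen
    return info

def build_sample_beacon(ssid: bytes) -> bytes:
    """Constructed beacon: broadcast destination, made-up BSSID 02:00:00:00:00:01."""
    hdr = (bytes.fromhex("80000000") + b"\xff" * 6
           + bytes.fromhex("020000000001") * 2 + b"\x00\x00")
    fixed = bytes(8) + struct.pack("<HH", 100, 0x0431)  # timestamp, interval, caps
    return hdr + fixed + bytes([0, len(ssid)]) + ssid + bytes([3, 1, 6])

if __name__ == "__main__":
    print(parse_mgmt(build_sample_beacon(b"office-wifi")))
```

Everything the parser returns is available to any receiver in range without knowing the network's passphrase, which is why monitoring and spoofing of these frames both work at this layer.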