CAPEC-615: Evil Twin Wi-Fi Attack
Adversaries install Wi-Fi equipment that acts as a legitimate Wi-Fi network access point. When a device connects to this access point, Wi-Fi data traffic is intercepted, captured, and analyzed. This also allows the adversary to use "adversary-in-the-middle" (CAPEC-94) for all communications.
Overview
CAPEC-615 (Evil Twin Wi-Fi Attack) is a detailed-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.
What the attacker needs
Prerequisites
- None
Consequences
What a successful CAPEC-615 attack can achieve.
Read Data
Affects: Confidentiality
Intercept and control Wi-Fi data communications to and from the mobile device.
How to mitigate it
Defenses that reduce the risk of CAPEC-615.
- Commercial defensive technology that monitors for rogue Wi-Fi access points, adversary-in-the-middle attacks, and anomalous activity with the mobile device baseband radios.