Cybersecurity for Manufacturing: Wireless Networks 202

“Cybersecurity for Manufacturing: Wireless Networks 202” introduces common wireless technology used in manufacturing and the risks associated with using wireless networks. Common wireless networks used in manufacturing include wireless local area networks (WLANs) and wireless personal area networks (WPANs). Using WLAN technology can expose manufacturers to security risks not associated with wired networks, such as wardriving, piggybacking, and evil twin attack. Additionally, using older WPAN technology or outdated security protocols can allow criminal hackers to easily access digital information through wireless devices.

Manufacturers using wireless technology should understand the risks and employ strategies to protect their wireless networks. After taking this course, users will understand a variety of wireless networking options and their general applications, the risks associated with these networks, and effective ways to make these networks more secure.

Class Details

Class Name:
Cybersecurity for Manufacturing: Wireless Networks 202
Difficulty:
Intermediate
Number of Lessons:
10

Class Outline

  • Introduction to Wireless Networks
  • Wireless Local Area Networks
  • Wireless Personal Area Networks
  • Wireless Risks: Wardriving and Piggybacking
  • Wireless Networks Review
  • Wireless Service Interruptions
  • Evil Twin Attacks
  • Basic WiFi Security Protocols
  • Protecting Wireless Networks
  • Wireless Security Review

Objectives

  • Describe wireless networks.
  • Describe wireless local area networks.
  • Distinguish between common wireless personal area networks used in smart manufacturing.
  • Distinguish between wardriving and piggybacking.
  • Identify common causes of wireless service interruptions.
  • Describe evil twin attacks.
  • Describe common security protocols used by WiFi networks.
  • Describe various ways manufacturers can protect wireless networks.

Job Roles

Certifications

Glossary

Vocabulary Term Definition
automation The use of self-regulated equipment, processes, or systems that meet manufacturing requirements with limited human intervention. Automation requires software to control processes.
Bluetooth A wireless technology developed by the Bluetooth Special Interest Group that enables short-range communication between wireless devices. Bluetooth devices from versions 1.0 to 3.0 are considered Bluetooth Classic devices while Bluetooth versions 4.0 and later are considered Bluetooth Low Energy (LE) devices.
Bluetooth 4.0 Wireless communication technology that includes devices in the first iteration of the Bluetooth Low Energy (LE) standard. Bluetooth 4.0 devices can use the latest security protocols.
Bluetooth Classic Wireless communication technology that includes legacy Bluetooth devices up to Bluetooth version 3.0. Later Bluetooth Classic devices are still commonly used for various applications but require more energy than Bluetooth Low Energy devices.
broadcast range The area surrounding a wireless access point within which wireless-enabled devices can exchange digital information. Network broadcast range should be limited to the area or facility using the wireless connection.
criminal hackers A type of hacker who uses computer coding and other skills to carry out illegal activities, such as stealing sensitive data or disabling digital technology. Criminal hackers, or black hat hackers, may include nation-states, foreign or domestic groups, or individuals seeking financial or political gain.
cross-network interference A disruption of wireless communication caused by devices sending too much digital information over the same radio frequencies. Cross-network interference may occur when different Wireless Local Area Networks (WLANs) are established too close to one another.
cybersecurity Protection against criminal or unauthorized access to computer networks, programs, and data. Cybersecurity has become a major industrial concern as networking and connectivity have increased.
data encryption The process of transforming data into another format that can only be accessed using a decryption key. Data encryption occurs as data is exchanged between computing devices on a WPA2-secured WiFi network.
data monitoring tools A software or firmware component designed to collect and store digital information in real time. Data monitoring tools help improve manufacturing processes but can also be used by criminal hackers for malicious purposes.
data sharing Making data stored on a digital device available to other devices through a network connection. Data sharing features on Industrial Internet of Things (IIoT) devices can potentially expose the device or the network to cyber attacks.
default passwords A temporary series of characters pre-programmed onto a device that must be entered to access otherwise locked software on the device. Default passwords on a device may be known to people other than the device user, including criminal hackers, and should always be changed.
default settings Pre-configured features, options, or functions on a digital device that are set up by the manufacturer. Some default settings may increase cybersecurity risks.
Denial of Service attacks DoS attacks. A cyber attack aimed at disrupting or disabling a system or network by flooding it with more internet traffic than it can handle. Denial of Service attacks are typically carried out by infecting a single device on a network.
diagnostics A set of computer instructions used to investigate and analyze the cause or nature of errors or failures. Diagnostic information tells the operator or technician how the system is performing.
digital Consisting of information that is input or output electronically as a series of pulses or signals, often resulting in binary strings of 0s and 1s. Digital computing devices interpret various programming commands as binary digits.
end devices A device in a network that receives instructions through wired or wireless communication channels to perform specific functions. End devices on wireless networks may include computers, sensors, or smart devices.
ethernet A type of network connection that uses wires to enable communication between computing devices. Ethernet is considered the industry standard for local area networks (LANs).
evil twin attack The process of tricking a wireless internet user into connecting to a rogue AP set up by a hacker. Evil twin attacks often occur on open wireless local area networks.
firewall A software program or hardware device that allows intended internet communications over a network while blocking access to unauthorized users or websites. Firewall software can be installed on a digital system like other software packages.
gateway A device used to join two incompatible hardware components or protocols on a network. Gateway devices are available as preconfigured or configurable.
Global Positioning System GPS. A digital technology that uses satellites to determine an objects's geographic location. Global Positioning System technology is commonly used in wardriving software to map unsecured wireless local area network (WLAN) connections.
guest networks A secondary wired or wireless network that uses networking technology to enable basic internet access while excluding any connections to files on the main network. Using guest networks for basic internet services instead of the primary network can help prevent criminal hackers from accessing sensitive information on the primary network.
hostname The name given to a computing device to identify it on a network. The hostname of a device, unlike the media access control address (MAC address), is typically established by the device user.
human-machine interfaces HMIs. A device or system that displays machine or process information and provides a means for entering control information. Some human-machine interfaces can communicate with sensors and other devices wirelessly.
IIoT Industrial Internet of Things. A network of physical devices used in manufacturing that contain computing systems that allow them to send and receive data. The IIoT allows devices to exchange data and automate processes without any human intervention.
individual data encryption A type of data encryption in which each individual device uses its own unique encryption key rather than requiring a router that encrypts data on the network. Individual data encryption is a feature of Wireless Protected Access 3 (WPA3).
Industrial Internet of Things IIoT. A network of physical devices used in manufacturing that contain computing systems. The Industrial Internet of Things allows devices to exchange data and automate processes without any human intervention.
Industry 4.0 A stage in manufacturing that uses connected devices and digital technologies. Industry 4.0 uses automation and data exchange to achieve advancements in a variety of industries.
International Electrotechnical Commission IEC. An international organization that prepares and publishes all standards for electrical, electronic, and related technologies. The International Electrotechnical Commission develops standards that are applied in Europe and other countries.
internet protocol address IP addresses. A unique numeric identifier for each node on a network. A device's Internet protocol address is used to communicate with the device using an internet protocol.
local area network LAN. A type of wired network that enables communication between a group of computing devices in a specific geographic location. Local area networks are commonly used by manufacturers and other organizations to store and exchange digital information across a large facility.
malware Any malicious code or software that can potentially harm a computer, device, or network, or retrieve data from the network or device without authorization. Malware often exists undetected on systems for extended periods of time.
media access control address MAC address. The unique name used to identify a network device. The media access control address of a device does not change regardless of the network the device is connected to.
network A group of hardware devices connected through a cable or by wireless methods. A network allows multiple devices to communicate and share information.
network coordinator A specified device used to establish a wireless network and govern all digital communication on the network. Network coordinators are used in both ZigBee and WirelessHART networks.
network device tracking The process of identifying and monitoring computing devices connected to wired or wireless networks. Network device tracking can help users locate known devices or identify unknown devices on the network.
network security key A series of characters known only by authorized network users that, when entered, allows users to connect to a network. Network security keys that contain higher numbers of random characters are more secure than simpler keys with less characters.
network segmentation The process of segregating wired and wireless devices at a facility based on whether the device exchanges data over wide area networks (WANs), local area networks (LANs), and personal area networks (PANs). Network segmentation for wireless networks is accomplished by placing firewalls or secure web gateways between different parts of the networks to limit and monitor communication.
networking technologies Any hardware or software tool used to connect digital devices on a wired or wireless network. Networking technologies for wireless networks may include wireless routers, firewalls, and other hardware devices as well as internet protocols and security software tools.
open network connection Unsecured network connection. A type of internet connection that can usually be accessed by anyone in range and does not encrypt data exchanged across the connection. Open network connections are typically used by public wireless local area networks (WLANs) but can also be used by privately-owned networks with no active password protection or security features.
open standard Standards that allow any company to design a device, process, or protocol. Open standards for wireless networks have allowed numerous companies to develop devices that communicate with each other.
passive attack A cyber attack method in which a hacker secretly observes and records data exchanged between digital systems across a network without affecting or altering system functionality. A passive attack, which is sometimes referred to as eavesdropping, is often carried out by hackers using public WiFi to steal sensitive data.
peripheral devices A physical device connected on a wired or wireless network that performs an auxiliary function. Peripheral devices communicate with primary devices in a Bluetooth network.
piggybacking The process of connecting to a wireless access point owned by another individual or organization. Piggybacking can cause a wireless network to transfer data at slower than normal speeds.
primary device A device on a wired or wireless network that serves as the central point of communication between other devices. Primary devices communicate with one or more peripheral devices in a Bluetooth network.
process control A method of monitoring process performance by measuring and regulating the processes that yield a product. Process control involves collecting and analyzing data to help reduce error.
programmable logic controllers PLC. A processor-driven device that uses logic-based software to provide electrical control to machines. Programmable logic controllers are used in factory automation.
proprietary A product whose rights are owned by the company that designed it. Proprietary products can be used only with the permission of the owner.
radio signal interference A disruption to a radio communication channel. Radio signal interference may be cause by physical barriers or other sources of radio wave transmission, such as electronic devices.
radio waves A type of electromagnetic radiation with wavelengths longer than infrared light. Radio waves are used with many applications, such as wireless networks, radio communication, and television broadcasting.
remote Hosted externally on one or more devices. Remote servers can be cost-effective but may be less secure than local servers.
rogue access point Rogue AP. A wireless access point installed on a network without the knowledge of the network's owner. Rogue access points are often used by hackers to steal sensitive data or carry out other malicious actions.
rogue AP Rogue access point. A wireless access point installed on a network without the knowledge of the network's owner. Rogue APs are often used by hackers to steal sensitive data or carry out other malicious actions.
secure web gateway A hardware device that can monitor and direct network traffic and detect potential cyber threats. Secure web gateways can be configured to block both incoming and outgoing network traffic based on certain parameters and can even prohibit users on the network from conducting actions on their devices that violate specified cybersecurity policies.
security monitoring software A software tool that allows users to view operational and security status details of devices on a digital network. Security monitoring software often uses visual tools to display device status data on a user-friendly interface.
security protocols A practice or process that is often standardized and protects a digital network from digital threats. Security protocols may include the use of software and hardware security tools and govern the actions of digital technology users.
service interruption A discontinuing of wired or wireless connectivity, typically unplanned, caused by an object or event. Service interruptions may be caused by naturally occurring events, unintentional actions of users, or by the intentional actions of criminal hackers.
service set identifier SSID. A label given to a group of devices on a Wireless Local Area Network (WLAN). The service set identifier essentially identifies a specific WLAN network.
smart actuators A device equipped with software that can process digital signals as data, monitor processes, and control mechanisms without human interaction. Smart actuators are more advanced than normal digital actuators since they can process data internally rather than simply sending digital signals to an external system to be processed.
smart sensors A device equipped with software that can detect physical inputs, process them as data, and output digital signals. Smart sensors are more advanced than normal digital sensors since they can process data internally rather than simply sending digital signals to an external system to be processed.
smart technology A computing technology that can send and receive data without human intervention. Smart technology generally requires internet connectivity to enable data processing.
specifications A description of the essential technical properties of a finished product. Specifications for wireless security include information about component design requirements and functionality.
standard An established policy regarding a particular practice or method. Standards for wireless technology are intended to enable the secure exchange of data between wireless devices.
trade secrets A formula, practice, process, design, instrument, pattern or compilation of information that is not generally known or reasonably established. Digital documents containing trade secrets can potentially be stolen by criminal hackers.
Trusted Wireless 2.0 A wireless communication technology that uses a proprietary communication standard. Trusted Wireless 2.0 technology is designed for industrial applications and can handle both short range and long range wireless communication.
unsecured network connections Open network connection. A type of internet connection that can usually be accessed by anyone in range and does not encrypt data exchanged across the connection. Unsecured network connections are typically used by public wireless local area networks (WLANs) but can also be used by privately-owned networks with no active password protection or security features.
wardriving The process of driving through a geographical area to local open or unsecure wireless networks using a wireless-capable device. Wardriving often results in open networks being plotted on a digital map.
WiFi A type of wireless network that enables communication between devices at a single geographical location. WiFi networks are typically established by connecting a wireless access point to a wired internet device.
WiFi signal The radio signals emitted by a wireless access point (AP) that enables wireless communication. WiFi signals communicate using 2.4 GHz and 5 GHz radio frequency bands.
WiFi-enabled Capable of supporting wireless communication on a wireless local area network (WLAN). WiFi-enabled devices exchange data with a wireless access point (AP).
wired network A type of digital communication network that sends and receives signals between computing devices using copper or fiber optic cable. A wired network can be restricted to a single location or extended over long distances.
wireless access point Wireless AP. A device that enables wireless communication by emitting a radio signal across its surrounding area. Wireless access points are typically connected to wired internet technology, such as a cable modem.
wireless AP Wireless access point. A device that enables wireless communication by emitting a radio signal across its surrounding area. Wireless APs are typically connected to wired internet technology, such as cable modem.
wireless local area network WLANs. A type of wireless network that enables communication between devices at a single geographical location. Wireless local area networks, commonly referred to as WiFi networks, are typically established by connecting a wireless access point to a wired internet device.
wireless network A type of digital communication network that sends and receives signals using radio waves instead of copper or fiber optic cable. In a wireless network, a device transmits a radio signal through an antenna.
wireless network adapter A device often connected to a wired network that enables other devices to communicate with the network wirelessly. Wireless network adapters are installed as hardware components on most computers.
wireless personal area networks WPAN. A type of wireless network that enables communication over a short distance between a group of two or more computing devices. Wireless Personal Area Networks may be set up in a small room or office.
Wireless Protected Access WPA. An older wireless network security protocol. Wireless Protected Access uses dated encryption methods and is now considered unsecure.
Wireless Protected Access 2 WPA2. A current wireless network security protocol that improves on Wireless Protected Access (WPA). Wireless Protected Access 2 is still widely used and strengthens cybersecurity but may be susceptible to future attacks due to recently discovered vulnerabilities.
Wireless Protected Access 3 WPA3. An advanced wireless network security protocol that improves on Wireless Protected Access 2. Wireless Protected Access 3 encrypts all data sent from one WPA3-enabled device to another, even if the data is exchanged on open, unsecured wireless local area networks (WLANs).
wireless router A networking device that transmits data through an antenna rather than a network cable. Wireless routers, which are used to create computer networks, operate through the use of radio waves.
wireless wide area network WWANs. A type of wireless network that enables communication between mobile devices across multiple geographic locations using cellular towers as wireless access points. Wireless wide area networks, also called cellular networks, are generally open, unsecured networks and are not recommended for exchanging sensitive information.
WirelessHART A wireless communication standard developed specifically to enable wireless communication for industrial applications. WirelessHART networks can use wireless network adapters to connect wired HART devices to the network.
WirelessHART adapters A device used in a wirelessHART network that connects to wired HART devices in order to enable these devices to communicate wirelessly. WirelessHART adapters allow wired HART devices to communicate with other WirelessHART devices on the network.
WLANs Wireless Local Area Network. A type of wireless network that enables communication between devices at a single geographical location. WLANs, commonly referred to as WiFi networks, are typically established by connecting a wireless access point to a wired internet device.
WPA2 Wireless Protected Access 2. A current wireless network security protocol that improves on Wireless Protected Access (WPA). WPA2 is still widely used and strengthens cybersecurity but may be susceptible to future attacks due to recently discovered vulnerabilities.
WPAN Wireless Personal Area Network. A group of two or more computing devices that communicate wirelessly over a short distance. A WPAN may be set up in a small room or office.
ZigBee A cost-efficient wireless communication technology commonly used for automating manufacturing processes. Zigbee networks use a network coordinator device that manages all wireless communication on the network.