Today we going to discuss about attacks that can happen against Zigbee. Nowadays, technology is developing rapidly from time to time. Even the technology changing so fast it still face threat; physically or virtually from outsider. Despite using encryption AES 128 standard, which is also used by governments and banks but there is no network can promise 100% security.
First attack that probably can affect Zigbee is sniffing attack. Sniffing or sniffer attack is using packet analyzer or packet sniffer to theft or interception of data by capturing the network traffic. Sniffing attack in Zigbee network mean process of gathering all the available information from the network. This happen because the Zigbee network did not use proper encryption.
The threat that can attack Zigbee network is replay attack. Replay attack or playback attack is when a valid data transmission is ferociously or fraudulently repeated or delayed. Same like the sniffing attack, this replay attack also happen because of the weak and improper encryption.
Next threat is physical attack or also known as kinetic attack. These attack is straight forward because it involve in interfering with the devices in the Zigbee devices by locating it. The attackers can make a special serial interfaces to interrupt the Zigbee encryption.
Last possible threat that can happen to the Zigbee is denial-of-service (DoS) attack. This attack meant to shut down a device or network, making it unavailable to the user. The example of DoS attack such as signal jamming, reflexive jamming and maximization of frame.
All this attacks can be prevent by enforcing high security by preinstalling the network key on the Zigbee devices. Regular monitoring and maintenance also can help reducing all the threat to the minimum level.
Feel free to contact E-SPIN for your Zigbee troubleshooting, as E-SPIN carry range of product in specific for wireless network performance application analysis, that include cover the Zigbee use case and context for whether your new Zigbee support device testing. E-SPIN also carry dedicated full range of wireless penetration testing product for wireless network assessment, exploitation.