Heimdal
article featured image

Contents:

Security researchers have recently found a new attack on the Wi-Fi Protected Access Protocols (WPA/WPA2) which you know are security standards aimed at making your wireless networks more secure. They discovered it by accident while testing the new WPA3 security standard that was recently announced. What makes this attack different from previous attacks against WPA is that it does not require to collect a complete EAPOL (Extensible Authentication Protocol over LAN) 4-way handshake.

It is performed on the RSN IE (Robust Security Network Information Element) with a simple EAPOL frame and means that could let malicious actors to get the data they need  via a packet capture tool (such as hascat) and then brute-force metod.

You can read more technical details on how this attack works here.  Hashcat developer Jens “Atom” Steube said for iTnews publication that:

“The biggest difference between the new method and prior WPA/WPA2 cracks is that an attacker no longer needs another user to be on the target network to capture credentials – “simply starting the authentication process will do”.

He also added that an attacker has to be in a physical position that allows him to record the authentication process from the Access Point (AP) and the user while waiting for the user to log into the network.

Basically, this attack is related with the PMKID (Pairwise Master Key Identifier) and its success depends on how strong and complex the PSK (Pre-Shared Key) is. This method is used by home users to enhance network security. Using this method, users enhance network security and protect their devices when connected via a Wireless network.

According to security researchers, the attack is supposed to affect all devices supporting 802.11 i/p/q/r/ networks with roaming functions enabled, which apply to most of all modern routers.

How to secure your data against Wi-fi attacks

To better secure your home Wi-Fi network, we strongly recommend to read and follow these security measures, so you can stay safe and protect your devices from being compromised:

  1. First of all, do not panic and install any update available for every device you might have in your home, even for those you haven’t thought about it in the first place, such as smartphones, smartwatches, fitness bands, laptops, digital cameras, printers, smart TVs, cars, etc. This applies also to all the applications used because most people tend to forget about hardware updates and postpone them. Update and patch everything.
  2. Set and apply a strong PSK password when configuring the WPA-PSK encryption on your router from Wireless Settings. Also, check out this easy-to-use password security guide that will help you learn how to set strong and uniques passwords for your accounts;
  3. Turn off public network sharing when you are connected to an unsecured Wi-Fi network (where no password is required) in a public place. A secure Wi-Fi network means that you need to ask for a password from the public place you’re visiting to access the Internet;
  4. We also suggest turning OFF the Wi-Fi connection, if you don’t need or use it on a daily basis. This step-by-step guide on how to maximize your home network security may come in handy;
  5. Avoid connecting to public Wi-Fi networks, and use instead of your data plans;
  6. Make sure you access only websites that use HTTPS encryption, as an additional layer of protection;
  7. Remember to keep the firewall enabled on your operating system;
  8. You might want to use a Virtual Private Network (VPN) when setting up a connection to an unsecured public Wi-Fi;
  9. Make sure you have an antivirus program installed on your device or a multi-layered proactive security system;
  10. If you’re connected via Wi-Fi in a public place, don’t browse the Internet without having a good antispyware software program. You should connect only to secured services.

We don’t say you should become paranoid about Wi-Fi security but make sure you apply these basic security measures when it comes to securing your wireless network.

*This article features cyber intelligence provided by CSIS Security Group researchers.

Author Profile

Ioana Rijnetu

Cyber Security Enthusiast

linkedin icon

I am a thinker and dreamer human being. Passionate about online marketing and technology. Naturally curious and life long learner.

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE