Security Alert: New Attack on WPA/WPA2 Protocols Could Potentially Impact Many Wi-Fi Devices
And why you need to enhance your home wireless network security
Security researchers have recently found a new attack on the Wi-Fi Protected Access Protocols (WPA/WPA2) which you know are security standards aimed at making your wireless networks more secure. They discovered it by accident while testing the new WPA3 security standard that was recently announced. What makes this attack different from previous attacks against WPA is that it does not require to collect a complete EAPOL (Extensible Authentication Protocol over LAN) 4-way handshake.
It is performed on the RSN IE (Robust Security Network Information Element) with a simple EAPOL frame and means that could let malicious actors to get the data they need via a packet capture tool (such as hascat) and then brute-force metod.
You can read more technical details on how this attack works here. Hashcat developer Jens “Atom” Steube said for iTnews publication that:
“The biggest difference between the new method and prior WPA/WPA2 cracks is that an attacker no longer needs another user to be on the target network to capture credentials – “simply starting the authentication process will do”.
He also added that an attacker has to be in a physical position that allows him to record the authentication process from the Access Point (AP) and the user while waiting for the user to log into the network.
Basically, this attack is related with the PMKID (Pairwise Master Key Identifier) and its success depends on how strong and complex the PSK (Pre-Shared Key) is. This method is used by home users to enhance network security. Using this method, users enhance network security and protect their devices when connected via a Wireless network.
According to security researchers, the attack is supposed to affect all devices supporting 802.11 i/p/q/r/ networks with roaming functions enabled, which apply to most of all modern routers.
How to secure your data against Wi-fi attacks
To better secure your home Wi-Fi network, we strongly recommend to read and follow these security measures, so you can stay safe and protect your devices from being compromised:
- First of all, do not panic and install any update available for every device you might have in your home, even for those you haven’t thought about it in the first place, such as smartphones, smartwatches, fitness bands, laptops, digital cameras, printers, smart TVs, cars, etc. This applies also to all the applications used because most people tend to forget about hardware updates and postpone them. Update and patch everything.
- Set and apply a strong PSK password when configuring the WPA-PSK encryption on your router from Wireless Settings. Also, check out this easy-to-use password security guide that will help you learn how to set strong and uniques passwords for your accounts;
- Turn off public network sharing when you are connected to an unsecured Wi-Fi network (where no password is required) in a public place. A secure Wi-Fi network means that you need to ask for a password from the public place you’re visiting to access the Internet;
- We also suggest turning OFF the Wi-Fi connection, if you don’t need or use it on a daily basis. This step-by-step guide on how to maximize your home network security may come in handy;
- Avoid connecting to public Wi-Fi networks, and use instead of your data plans;
- Make sure you access only websites that use HTTPS encryption, as an additional layer of protection;
- Remember to keep the firewall enabled on your operating system;
- You might want to use a Virtual Private Network (VPN) when setting up a connection to an unsecured public Wi-Fi;
- Make sure you have an antivirus program installed on your device or a multi-layered proactive security system;
- If you’re connected via Wi-Fi in a public place, don’t browse the Internet without having a good antispyware software program. You should connect only to secured services.
We don’t say you should become paranoid about Wi-Fi security but make sure you apply these basic security measures when it comes to securing your wireless network.
*This article features cyber intelligence provided by CSIS Security Group researchers.
Nice blog
Exceptionally Informative article. I’m fulfilled that you basically imparted this accommodating data to us. If it’s not too much trouble stay up with the latest like this.
This data is exceptionally valuable to me, thank you for sharing.
Very Informative article. I’m satisfied that you simply shared this helpful info with us. Please keep us up to date like this.
This information is very useful to me, thank you for sharing.
Thanks for this informative post. This will help me a lot.
Very Informative article. I’m satisfied that you simply shared this helpful info with us. Please keep us up to date like this.
This information is very useful to me, thank you for sharing.
Thanks for the blog. I truly appreciate your time and effort for posting this blog this really helped me a lot
That’s excellent work!!!
Hi,
Certainly a great write up for the latest bug in WPA family, However, it all comes down to how strong the password is, so it cannot be cracked but still lets hope WPA-3 doesn’t have such an issue 🙂
I am appreciating for your efforts. recently I am using ESET antivirus program to protect my device from malicious attacks through a Wi-Fi connection. But I might give a try to the method which you have mentioned in this article. I hope it would work for me.
Thanks for a good article and important news shared
Thanks for a good article and important news shared it is really good content keep doing as always.
Would just like to mention, that hashcat is not a packet capture utility, it is a hash decrypter. The attack use done by using hcxdumptools.Then the pmkid hash is converted to pcapng format for cracking using hashcat.
Thanks for this article this is really helpful for me
Wifi device is a use of risky nowday. So we should check a security alert always. An attacker is reaching to broke my WPA system. We use the latest update of a security system.
Thanks for this article. It will help me a lot.
WPA is the Wi-Fi Protected Access which is an advanced secure version of the wireless security. There is also a more advanced version of it which is WPA2. You should always use this type of security on your wifi to make it more secure.
WPA is the Wi-Fi Protected Access which is an advanced secure version of the wireless security. There is also a more advanced version of it which is WPA2. You should always use this type of security on your wifi to make it more secure.
Enjoyed reading the article above , really explains everything in
detail,the article is very interesting and effective.Thank you and good
luck for the upcoming articles
Hello and many thanks for your kind words and feedback! We appreciate it and thanks for reading the blog!
There is an area of corporate responsibility that is largely neglected, but represents one of the most pressing issues in the world today: the need to teach the underserved public-at-large how to be safe on the Internet.
We have $600 billion in cybercrime because effective education of the general public in Internet safety is virtually nonexistent. Society has not been taught how to avoid online scams. Internet criminals victimize millions of people every day, knowing they do not know how to defend themselves. To quote H.G. Wells, “Civilization is in a race between education and catastrophe.”
The Internet Safety Group is doing something about it TODAY. Nobody else is doing what we are doing: providing understandable, actionable, motivational LIVE Internet safety community training for everyone.
Please visit the Kickstarter page
Internet Safety Group Fight The Internet Bad Guys & Win!
And look. Consider. Contribute. Get involved. Share the word.
Thank you!
Dave Moore
Thanks for a good article and important news shared but, are you 100% sure that the post on the site/forum hashcat actually mention WPA2 PSK? I read the post/thread twice and still can’t see anything about WPA2 PSK and thats very important as it’s a big difference between WPA PSK and WPA2 PSK.
Hello and thank you so much for your feedback and kind words! Also, thanks for the question. Indeed, the site/forum hashcat describes the technique to crack WPA passwords, and there’s a mention of WPA 2 in the tile, which means it could be also vulnerable until WPA3 will be available.