CYBER SECURITY ENTHUSIAST

Security researchers have recently found a new attack on the Wi-Fi Protected Access Protocols (WPA/WPA2) which you know are security standards aimed at making your wireless networks more secure. They discovered it by accident while testing the new WPA3 security standard that was recently announced. What makes this attack different from previous attacks against WPA is that it does not require to collect a complete EAPOL (Extensible Authentication Protocol over LAN) 4-way handshake.

It is performed on the RSN IE (Robust Security Network Information Element) with a simple EAPOL frame and means that could let malicious actors to get the data they need  via a packet capture tool (such as hascat) and then brute-force metod.

You can read more technical details on how this attack works here.  Hashcat developer Jens “Atom” Steube said for iTnews publication that:

“The biggest difference between the new method and prior WPA/WPA2 cracks is that an attacker no longer needs another user to be on the target network to capture credentials – “simply starting the authentication process will do”.

He also added that an attacker has to be in a physical position that allows him to record the authentication process from the Access Point (AP) and the user while waiting for the user to log into the network.

Basically, this attack is related with the PMKID (Pairwise Master Key Identifier) and its success depends on how strong and complex the PSK (Pre-Shared Key) is. This method is used by home users to enhance network security. Using this method, users enhance network security and protect their devices when connected via a Wireless network.

According to security researchers, the attack is supposed to affect all devices supporting 802.11 i/p/q/r/ networks with roaming functions enabled, which apply to most of all modern routers.

How to secure your data against Wi-fi attacks

To better secure your home Wi-Fi network, we strongly recommend to read and follow these security measures, so you can stay safe and protect your devices from being compromised:

  1. First of all, do not panic and install any update available for every device you might have in your home, even for those you haven’t thought about it in the first place, such as smartphones, smartwatches, fitness bands, laptops, digital cameras, printers, smart TVs, cars, etc. This applies also to all the applications used because most people tend to forget about hardware updates and postpone them. Update and patch everything.
  2. Set and apply a strong PSK password when configuring the WPA-PSK encryption on your router from Wireless Settings. Also, check out this easy-to-use password security guide that will help you learn how to set strong and uniques passwords for your accounts;
  3. Turn off public network sharing when you are connected to an unsecured Wi-Fi network (where no password is required) in a public place. A secure Wi-Fi network means that you need to ask for a password from the public place you’re visiting to access the Internet;
  4. We also suggest to turn OFF the Wi-Fi connection, if you don’t need or use it on a daily basis. This step-by-step guide on how to maximize your home network security may come in handy;
  5. Avoid connecting to public Wi-Fi networks, and use instead of your data plans;
  6. Make sure you access only websites that use HTTPS encryption, as an additional layer of protection;
  7. Remember to keep the firewall enabled on your operating system;
  8. You might want to use a Virtual Private Network (VPN) when setting up a connection to an unsecured public Wi-Fi;
  9. Make sure you have an antivirus program installed on your device or a multi-layered proactive security system;
  10. If you’re connected via Wi-Fi in a public place, don’t browse the Internet without having a good antispyware software program. You should connect only to secured services.

We don’t say you should become paranoid about Wi-Fi security but make sure you apply these basic security measures when it comes to securing your wireless network.

*This article features cyber intelligence provided by CSIS Security Group researchers.

2017.10.23 INTERMEDIATE READ

The Krack Wi-fi Vulnerability Explained in Plain Terms

Security Steps To Stay Safe on Public Wi-Fi Networks
2017.01.05 INTERMEDIATE READ

11 Steps to Improve Your Public Wi-Fi Security [Updated]

The Daily Security Tip
2016.03.14 QUICK READ

How To Improve Your Online Safety: Sign up for The Daily Security Tip

Comments

WPA is the Wi-Fi Protected Access which is an advanced secure version of the wireless security. There is also a more advanced version of it which is WPA2. You should always use this type of security on your wifi to make it more secure.

WPA is the Wi-Fi Protected Access which is an advanced secure version of the wireless security. There is also a more advanced version of it which is WPA2. You should always use this type of security on your wifi to make it more secure.

Enjoyed reading the article above , really explains everything in
detail,the article is very interesting and effective.Thank you and good
luck for the upcoming articles

Hello and many thanks for your kind words and feedback! We appreciate it and thanks for reading the blog!

There is an area of corporate responsibility that is largely neglected, but represents one of the most pressing issues in the world today: the need to teach the underserved public-at-large how to be safe on the Internet.

We have $600 billion in cybercrime because effective education of the general public in Internet safety is virtually nonexistent. Society has not been taught how to avoid online scams. Internet criminals victimize millions of people every day, knowing they do not know how to defend themselves. To quote H.G. Wells, “Civilization is in a race between education and catastrophe.”

The Internet Safety Group is doing something about it TODAY. Nobody else is doing what we are doing: providing understandable, actionable, motivational LIVE Internet safety community training for everyone.

Please visit the Kickstarter page

Internet Safety Group Fight The Internet Bad Guys & Win!

And look. Consider. Contribute. Get involved. Share the word.

Thank you!

Dave Moore

Thanks for a good article and important news shared but, are you 100% sure that the post on the site/forum hashcat actually mention WPA2 PSK? I read the post/thread twice and still can’t see anything about WPA2 PSK and thats very important as it’s a big difference between WPA PSK and WPA2 PSK.

Hello and thank you so much for your feedback and kind words! Also, thanks for the question. Indeed, the site/forum hashcat describes the technique to crack WPA passwords, and there’s a mention of WPA 2 in the tile, which means it could be also vulnerable until WPA3 will be available.

Leave a Reply

Your email address will not be published. Required fields are marked *

GO TO TOP