WPA/WPA2 protocols are potentially affected by the new hack
Enterprise network security researchers have recently discovered a new attack on WiFi (WPA/WPA2) protected access protocols, security standards aimed to make wireless network connection safer.
Experts accidentally discovered the attack when testing the new WPA3 security standard, recently announced. What makes this different from the previous attacks against WPA is that it does not require the compilation of a complete 4-way EAPOL (Extensible Authentication Protocol over LAN) binding protocol.
According to the WiFi Alliance, “the biggest difference between the new method and the previous WPA/WPA2 attacks is that the hacker no longer needs another user to be online on the attacked network to extract the credentials, now hackers just need to start the authentication process”.
It is also mentioned that a hacker must be in a physical position that allows him to register the authentication process from the access point (AP) while waiting for the user to log on to the network.
Enterprise network security experts from the International Institute of Cyber Security issue a series of recommendations to strengthen the security of your WiFi connections:
- Install any available updates for each one of your devices
- Establish a password that is secure enough for your network
- Disable public network sharing when connected to an unsecure WiFi network (public WiFi)
- Turn off your WiFi connection if you do not use it daily
- To the extent possible, avoid the use of public connections, instead it is recommended to use your data plan
- Be sure to access only websites that use HTTPS encryption as an additional security measure
- Keep the operating system firewall enabled
- Use a virtual private network (VPN) when you set up a connection to a public WiFi
- Make sure you have an antivirus installed on your devices
- If you are using a public WiFi connection, do not navigate without using antispyware software
Although you should not panic because of the growing number of threats to your online privacy, specialists in enterprise network security agree that it is better to use some of the protection measures listed to enjoy the best experience while browsing through WiFi networks.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.