Why WPA3 Is Not a Cure-all for Wi-Fi Hacking

Do you remember the Key Re-installation Attack or “KRACK attack” news from 2017? Most of us will never forget. When one researcher uncovered a number of vulnerabilities present in WPA2’s 4-way handshake, the world was shocked to realize that such a trusted standard’s encryption could be defeated so easily. In response, the Wi-Fi industry rallied together to develop an improved standard with better security – WPA3.

Although WPA3 is leaps and bounds better than its predecessor, we need to be wary of the Wi-Fi security threats that persist in spite of it. That’s why Ryan Orsi, director of product management for Wi-Fi at WatchGuard, just published a guest article on RCR Wireless that outlines the top Wi-Fi attacks we all face today and how building a Trusted Wireless Environment can protect against them. Here’s Ryan’s take on WPA3:

“These enhancements in WPA3 have been warmly received within the industry, but despite its security improvements, at least one of the six Wi-Fi threat categories – Rogue AP, Rogue Client, Evil Twin AP, Neighbor AP, Ad-Hoc Networks, and Misconfigured APs – can still be used to compromise WPA3 networks. Each of these types of threats represent a unique method attackers can use to either position themselves as a MitM or eavesdrop on network traffic silently.

The Evil Twin AP attack, for example, is very likely to be used in Enhanced Open Wi-Fi networks, since OWE can still take place between a victim client and an attacker’s Evil Twin AP that is broadcasting the same SSID, and possibly the same BSSID as a legitimate AP nearby.  Although OWE would keep the session safe from eavesdropping, the victim’s Wi-Fi traffic would flow through the Evil Twin AP and into the hands of an MitM, who can intercept credentials, plant malware, and install remote backdoors.

Although passive eavesdropping on open Wi-Fi networks will likely become a thing of the past, one very critical missing piece to WPA3 is that humans and client devices connecting to an SSID still have no way to confidently know that the SSID is being broadcasted from a legitimate access point or router. The SSID can still be broadcasted, with WPA3 enabled, from a malicious Evil Twin AP, for example. To help combat these types of widespread Wi-Fi vulnerabilities, more and more IT departments are creating Trusted Wireless Environments that are capable of automatically detecting and preventing Wi-Fi threats.”

For more information on today’s most prevalent Wi-Fi threats and why WPA3 alone isn’t enough to protect against them, read the full article on RCR Wireless. At the end of the day, it’s critical every organization understands that most Wi-Fi products available today simply aren’t enough when it comes to the level of security they can provide, and for users to remain educated about the very real threats they’re up against when using Wi-Fi every day.

To join the Trusted Wireless Environment movement and advocate for a global security standard for Wi-Fi, click here.