As most know, mid-last year the Wi-Fi Alliance announced WPA3, a replacement for the aging WPA2 Wi-Fi security and authentication standard. WPA3 was supposed to make it nearly impossible to crack a network password. However, this week, the same researchers behind the KRACK disclosure in 2017 released five new WPA3 vulnerabilities collectively named Dragonblood.
What do you need to know at these early stages to stay safe?
Dragonblood allows an attacker in range of a password-protected Wi-Fi network to obtain the password and gain access to sensitive information such as user credentials, emails and credit card numbers. According to the published report:
“The WPA3 certification aims to secure Wi-Fi networks, and provides several advantages over its predecessor WPA2, such as protection against offline dictionary attacks and forward secrecy. Unfortunately, we show that WPA3 is affected by several design flaws, and analyze these flaws both theoretically and practically. Most prominently, we show that WPA3’s Simultaneous Authentication of Equals (SAE) handshake, commonly known as Dragonfly, is affected by password partitioning attacks.”
Our Wi-Fi researchers at WatchGuard have been educating businesses globally that WPA3 alone will not stop the Wi-Fi hacks that allow attackers to steal information over the air (learn more in our recent blog post on the topic). These Dragonblood vulnerabilities impact a small amount of devices that were released with WPA3 support, and manufacturers are currently making patches available. One of the biggest takeaways for businesses of all sizes is to understand that a long-term fix may not be technically feasible for devices with lightweight processing capabilities such as IoT and embedded systems. Businesses need to consider adding products that enable a Trusted Wireless Environment for all types of devices and users alike.
Recognizing that vulnerabilities like KRACK and Dragonblood require attackers to initiate these attacks by bringing an “Evil Twin” Access Point or a Rogue Access Point into a Wi-Fi environment, we’ve been focusing on developing Wi-Fi security solutions that neutralize these threats so that these attacks can never occur. The Trusted Wireless Environment framework protects against the “Evil Twin” Access Point and Rogue Access Point. One of these hacks is needed to initiate the two downgrade or side-channel attacks referenced in Dragonblood.
What’s next? WPA3 is an improvement over WPA2 Wi-Fi encryption protocol, however, as we predicted, it still does not provide protection from the six known Wi-Fi threat categories. It’s highly likely that we’ll see more WPA3 vulnerabilities announced in the near future.
To help reduce Wi-Fi vulnerabilities, we’re asking all of you to join the Trusted Wireless Environment movement and advocate for a global security standard for Wi-Fi.