WPA2, WPA3, and Wireless Network Security Updates
Put a strong defense in place to protect your wireless security network.
Articles published November 3, 2017 by Ben Killion
WPA: A Brief History
Wi-Fi Protected Access (WPA) is a security standard that allows your devices to wirelessly connect to the internet. The WPA standard was implemented in 2003, followed closely by an updated version, Wi-Fi Protected Access II (WPA2), in 2004. WPA2 was the most commonly used Wi-Fi encryption standard for more than a decade, however, in 2017, it was announced that WPA2 had been exploited and was extremely vulnerable.
With the 2017 vulnerability, hackers were able to use key reinstallation attacks (KRACKs) to see and intercept data passing from a device to the wireless connection — data normally assumed to be safely encrypted. This vulnerability put sensitive data like credit card numbers, emails, and passwords at risk.
While WPA2 networks were also susceptible to password guessing attacks from a vulnerability in the 4-way handshake, KRACK attacks were the first kind of attack against the protocol that didn’t rely on password guessing. Instead, they allowed hackers to decrypt Wi-Fi users' data without cracking or knowing the actual Wi-Fi password. Merely changing your Wi-Fi network password would not prevent or mitigate a KRACK.
In 2018, the Wi-Fi alliance implemented WPA3, the newest wireless network security protocol, which protects networks from KRACK attacks. Although designed with stronger encryption and an overhauled handshake intended to eliminate the opportunity for password guessing attacks, a flaw was discovered that still makes this possible under certain circumstances.
Security expert Mathy Vanhoef found that even with WPA3, “If the victim uses no extra protection such as HTTPS, this allows an attacker [within proximity to the victim] to steal sensitive information such as passwords and emails.”
It’s important to be aware of the potential flaws and vulnerabilities in your security and to upgrade to the newest version of wireless protocols when possible, but what else can you do in the meantime to keep your devices safe?
1) Be Wary of Public Wi-Fi
Whether using a secured or unsecured public Wi-Fi network, connecting to a public network opens up the possibility for anyone near you on the same network to easily access your information. It’s important to note that private Wi-Fi can be vulnerable as well. For example, a hacker could gain access to a private corporate network through close proximity (such as the parking lot of the building).
2) Patch When Available
It’s recommended to patch and update your Wi-Fi and access points as soon as a patch becomes available. In addition to applying the patch, you can also install and leverage a Virtual Private Network (VPN) connection for mobile devices and workstations.
Cybersecurity: Defense in Depth
When attacks and vulnerabilities are made known, it’s a good time to reassess your organization’s current security posture and explore additional security options.
Technology services such as anti-virus, firewall protection, network monitoring, wireless security, and backups are layers of defense that minimize risk and enhance protection. Having a network that is protected behind an enterprise firewall and an elaborate network architecture is becoming a necessity, and can be the difference between being hacked and being secure.
Creating a culture around data security can also help prevent a lot of breaches. One way to start is to make security awareness training mandatory for all employees. This training should not only show employees the different kinds of cyber and social engineering attacks, but also show them how to recognize and avoid the attacks.
You should also have a data security policy in place. A data security policy should be used to define approved methods to securely transfer or share data and define restricted methods to help stop the use of unsupported or unsafe services and applications. They should include information about email policies, mobile devices, social networking, and internet usage. These policies should be documented, communicated (multiple times), enforced, and periodically reviewed and updated.
Many organizations leverage third-party experts for managed security services because it provides more time for internal resources to focus on core business functions and initiatives. With a managed services provider proactively monitoring your network and patching your applications, your organization can realize efficiency and productivity gains.
Remember, it's of the utmost importance for organizations to have the right strategies, policies, and processes in place to enhance cybersecurity efforts. The best plan for organizations is to build a strong defense to be protected from future attacks.
What steps are you taking to prevent cyberattacks?
Read our white paper: Enhancing Information Security In An Unsecure World