A “major” design flaw in the Wi-Fi standard allows hackers to trick victims into connecting to an insecure wireless network instead of the one initially desired.
What would we do today without a Wi-Fi network, whether domestic or public? Not much. Whether working, streaming video, or staying connected on the go, we rely on this ubiquitous standard to ensure a reliable and secure seamless wireless connection.
Unfortunately, a team of researchers from KU Leuven in Belgium has just revealed a fundamental flaw in the IEEE 802.11 standard that governs Wi-Fi. This flaw, referenced CVE-2023-52424, affects all Wi-Fi clients, regardless the operating system or protocol used (WPA3, WEP, 802.11X/EAP). Needless to say, it is difficult to escape.
Attackers can thus trick victims into mistakenly connecting to a malicious and insecure Wi-Fi network, leading to great vulnerability of their personal data.
The flaw lies in the treatment of the SSID by the standard
The problem arises from the fact that the Wi-Fi standard does not systematically require authentication of the Service Set Identifier (SSID), the unique identifier of the wireless network. The researchers explain that during the “ 4 way handshake » which allows mutual authentication and encryption, the SSID is not always included in the key derivation.
This flaw opens the door to a formidable attack. A hacker can set up a malicious hotspot with the same SSID as a nearby legitimate Wi-Fi network. When the victim attempts to connect to the correct network, they are actually diverted to the hacker’s fake access point. Its traffic is then exposed to interception and manipulation.
For the attack to work, certain conditions are required, such as the presence of two Wi-Fi networks sharing the same credentials. This is often the case with 2.4 GHz and 5 GHz networks deployed in many environments. The 5 GHz network being more secure, the attacker’s goal is to degrade the connection to the more vulnerable 2.4 GHz.
How to use a Wi-Fi network safely
Although the conditions required to be vulnerable to this attack are not typical, Clubic gives you some essential tips for safer Wi-Fi browsing.
Be wary of unsecured public Wi-Fi networks, especially in airports, cafes or free hotspots. Preferably use your mobile connection or a VPN if you absolutely must connect.
Then make sure your device connects to the correct SSID before exchanging sensitive data. An attacker can broadcast a legitimate SSID to deceive users.
Always enable WPA2 or WPA3 encryption on your home network and change the pre-shared key regularly. Disable SSID broadcasting if possible.
Regularly update the firmware of your router and other connected devices. Manufacturers release patches to close security holes as they are discovered.
Consider implementing robust authentication solutions like 802.1X/EAP in enterprise environments to further secure Wi-Fi connections.
Source : Dark Reading, Top 10 VPNs
7