Researchers looking into the new more secure WPA-3 Wi-Fi protocol have discovered a huge weakness in the current WPA-2 standard
We reported towards the end of June that the first WPA-3 Wi-Fi devices were becoming available. A collective of tech companies called the Wi-Fi Alliance were beginning to certify devices with the new enhanced security protocol, which is almost invulnerable to hackers guessing people’s passwords. Now researchers who have been looking into WPA-3 announced that they have found a new way to breach the current standard Wi-Fi formats WPA/WPA2.
Although new WPA-3 devices are starting to come on the scene, almost all Wi-Fi enabled devices still use WPA-2. This latest vulnerability enables hackers to intercept sensitive information like passwords sent by WPA/WPA-2 devices. The attack relies on non-traditional methods, which make defending against it very difficult.
The new WPA-2 vulnerability, discovered while looking for potential gaps in WPA-3 security, affects all WPA/WPA-2 secured modems which have Pairwise Master Key Identifiers. It will be places like hospitals and schools that will be most vulnerable to WPA-2’s security shortcomings.
Add this new threat to the massive KRACK vulnerability, discovered last year, and it is clear the world needs to start adopting WPA-3 much more quickly. At the time KRACK effected every WPA-2 enabled Wi-Fi device in the world, and a plethora of tutorials, patches, and updates were needed to get back on top of things.
The big difference between WPA-2 and WPA-3 is individual data encryption. The scrambling of all communication between Wi-Fi devices makes it much more difficult to crack. According to the researcher behind these new findings, this will make WPA-3 immune to this new method of attack. We can expect that there will be a wider release of WPA-3 certified devices this year. If things like KRACK keep cropping up, that can’t come fast enough.