CDM-CYBER-DEFENSE-eMAGAZINE-March-2019

More documents

Recommendations

Info

Why Wi-Fi Hacking Will Persist Despite WPA3 By Ryan Orsi, Director Product Management, WatchGuard Technologies In 2017, the famed Key Re-installation Attack or “Krack” attack shocked the world by defeating WPA2 encryption. As a result, the Wi-Fi industry has rallied to release WPA3 with improved security protections. Unfortunately, WPA3 alone will not be enough to stop Wi-Fi attacks; not by a long shot. Before we explore why this is, let’s take a step back and examine the appeal of Wi- Fi attacks in the first place. The Wi-Fi attack surface is one of the most desirable to hackers for a variety of reasons. Just about any Wi-Fi network is highly exposed to vulnerabilities attackers can use to steal sensitive data, eavesdrop, and infiltrate further into the network. Why is it such an easy target? Nearly every cyber security company focuses on layer 7 application attacks (such as zero-day malware and ransomware), while historically very little effort has been made to defend against layer 2 Wi-Fi attacks. In fact, protections for layer 2 have only recently been introduced, leaving 20 years’ worth of Wi-Fi access points, routers, and clients wide open to attack. A primary goal for most Wi-Fi attackers is to gain position as the “man-in-the-middle (MitM).” This involves tricking a victim’s device into believing it’s connected to the internet through a legitimate Wi-Fi SSID, when in reality, an attacker is broadcasting the SSID and the victim’s traffic is flowing directly through to the attacker, allowing them to see everything the victim is doing, typing, watching and more. This type of attack is surprisingly common, and much easier to fall victim to than you might think. Back to the problem at hand. As I mentioned, the Krack attack roused the industry to develop WPA3, with security enhancements designed to address the shortcomings of its predecessor, WPA2. WPA3 contains a Personal and Enterprise implementation and its security improvements include the forced use of Protected Management Frames (PMF), which protect against
eavesdropping on unicast and multicast management frames and the replacement of WPA2’s 4- way handshake and Pre-Shared Key (PSK) system with Simultaneous Authentication of Equals (SAE). This essentially eliminates offline dictionary attacks. These security enhancements will help eliminate the various tricks and tools attackers have been using for years to intercept WPA2’s 4-way handshake packets, and upload to multiple free services that advertise “recovering your Wi-Fi password”. Open Wi-Fi networks supporting WPA3 also have improvements intended to prevent eavesdropping. Referred to by the Wi-Fi Alliance as “WPA3 Enhanced Open,” Wi-Fi networks that don’t require passwords will utilize Opportunistic Wireless Encryption (OWE), where each device will receive its own key. This will prevent others on the same open network from sniffing packets out of the air. But despite these welcome security improvements, at least one of the six Wi-Fi threat categories – Rogue AP, Rogue Client, Evil Twin AP, Neighbor AP, Ad-Hoc Networks, and Misconfigured APs – can still be used to compromise WPA3 networks. Each of these types of threats represent a unique method attackers can use to either position themselves as a MitM or eavesdrop on network traffic silently. That’s why more and more IT departments are creating Trusted Wireless Environments that are capable of automatically detecting and preventing Wi-Fi threats. Relying on WPA3 alone for Wi-Fi security is a mistake. Take the Evil Twin AP attack, for example. This threat is very likely to be used in Enhanced Open Wi-Fi networks, since OWE can still take place between a victim client and an attacker’s Evil Twin AP that is broadcasting the same SSID, and possibly the same BSSID as a legitimate AP nearby. Although OWE would keep the session safe from eavesdropping, the victim’s Wi-Fi traffic would flow through the Evil Twin AP and into the hands of an MitM, who can intercept credentials, plant malware, and install remote backdoors. One massive issue with WPA3 it doesn’t account for the fact that users and devices connecting to an SSID still have no way to confidently know that the SSID is being broadcasted from a legitimate access point or router. The SSID can still be broadcasted, with WPA3 enabled, from a malicious Evil Twin AP for example. Don’t get me wrong, the emergence of WPA3 is a solid step forward toward addressing today’s significant Wi-Fi security issues. That said, it should be looked at as a complimentary security control rather than a cure-all. Any organization operating a Wi-Fi network needs to ensure that they’ve built a Trusted Wireless Environment that can identify and defend against Wi-Fi threats automatically. This way, the access point deployment itself prevent users and devices from connecting and falling victim to malicious threats. How much trust can you put into your wireless environment?
Page 1 and 2:
Data Breaches: Beyond Exposing Iden
Page 3 and 4:
CONTENTS (cont') Prioritizing Secur
Page 5:
@CYBERDEFENSEMAG CYBER DEFENSE eMAG
Page 22 and 23:
Data Breaches: Beyond Exposing Iden
Page 24 and 25:
About the Author Kem Gay is an Inte
Page 26 and 27:
Rip Off the Band-Aid This leaves us
Page 28 and 29:
Why Biometric Data Use Poses Unique
Page 30 and 31:
• DNA Kits: If you purchased or u
Page 32 and 33:
How to be Workforce Ready and Stand
Page 34 and 35:
Maximiliano Gigli, a third-year cyb
Page 36 and 37: Interestingly, the two groups diffe
Page 38 and 39: Cross-site Scripting Is an Underrat
Page 40 and 41: Stealing HTML5 web storage data: HT
Page 42 and 43: Cybersecurity in New York City, the
Page 44 and 45: A boom in cybersecurity startups se
Page 46 and 47: illion risks and threats among its
Page 48 and 49: Some Important Developments in the
Page 50 and 51: About the Author Sharmistha Sarkar
Page 52 and 53: employees to contractors and sub-co
Page 54 and 55: The Internet of Things Engineering
Page 56 and 57: About The Author Milica D. Djekic i
Page 58 and 59: kind. Many of them require some kin
Page 60 and 61: 2019 Risks in Focus: Cyber Incident
Page 62 and 63: However, the past year has also wit
Page 64 and 65: Why Insider Threats Are One of the
Page 66 and 67: Unlike with outside security threat
Page 68 and 69: Organizations will also frequently
Page 70 and 71: The US Must Catch Up to Other Promi
Page 72 and 73: The fact is, the wider internationa
Page 74 and 75: Integrate Compliance and Regulation
Page 76 and 77: Security have and have-nots How org
Page 78 and 79: 1. People Having the right people c
Page 80 and 81: sources (such as syslog’s, Net Fl
Page 82 and 83: Limitations of Current Endpoint Sec
Page 84 and 85: For effective detection, most EDR s
Page 88 and 89: About the Author Ryan Orsi is Direc
Page 90 and 91: questions such as, “Who added a w
Page 92 and 93: About the Author Josh Paape is an O
Page 94 and 95: for well-known, repeatable needs fi
Page 96 and 97: Overcoming Software Security Issues
Page 98 and 99: Implementing Security Checks at Str
Page 100 and 101: Phishing in the Dark: Employee Secu
Page 102 and 103: phishing threats. Furthermore, almo
Page 104 and 105: Unfortunately, once an application
Page 106 and 107: Software Should Come with a “Nutr
Page 108 and 109: vulnerabilities. If they find vulne
Page 110 and 111: I can't get no satisfaction, I can'
Page 112 and 113: How Organizations Should Choose a L
Page 114 and 115: load balancers capable of integrati
Page 116 and 117: SaaS DNS Security: Are you Protecte
Page 118 and 119: associated with any security event
Page 120 and 121: 120
Page 122 and 123: 122
Page 124 and 125: 124
Page 126 and 127: 126
Page 128 and 129: 128
Page 130 and 131: 130
Page 132 and 133: 132
Page 134 and 135: 134
Page 136 and 137:
136
Page 138 and 139:
138
Page 140 and 141:
140
Page 142 and 143:
142
Page 144 and 145:
144
Page 146 and 147:
146
Page 148 and 149:
148
Page 150 and 151:
We’ve launched http://www.CyberDe
Page 152 and 153:
Marketing and Partnership Opportuni
Page 154 and 155:
Regent University’s Institute for
Page 156 and 157:
156
show all

CDM-CYBER-DEFENSE-eMAGAZINE-March-2019

Create successful ePaper yourself

Delete template?

Save as template?