Then new Wi-Fi security vulnerability might affect iOS, Android and Linux powered devices. Here’s how you can protect your network.
Researchers have found a new Wi-Fi exploit that allows attackers to hijack network traffic on iOS, Linux and Android devices. The flaw lies with the fundamental design of the IEEE 802.11 Wi-Fi standard which is adapted by the majority of Wi-Fi networks in the world.
You have exhausted your
monthly limit of free stories.
To continue reading,
simply register or sign in
Continue reading with an Indian Express Premium membership starting Rs 133 per month.
This premium article is free for now.
Register to continue reading this story.
This content is exclusive for our subscribers.
Subscribe to get unlimited access to The Indian Express exclusive and premium stories.
This content is exclusive for our subscribers.
Subscribe now to get unlimited access to The Indian Express exclusive and premium stories.
The new exploit makes use of base station’s power saving feature and affects hotspot like networks allowing the attack to bypass the Wi-Fi encryption and intercept network traffic. To successfully carry out the attack, the actor has to forcibly disconnect the user device before they are able to connect to the network.
Also, they need to spoof the MAC address of the target device and connect to the network using their credentials and get a response. Once done, they malefactor will have access to network data in plaintext or unencrypted form. The research suggests that it can further be used to carry out a ‘context override attack’, an attack that prevents clients from attacking each other.
Public hotspots, which are often protected by Passpoint can be easily attacked using the method and might be used by miscreants to authenticate the user using their phone’s SIM card. Those using WPA2 or WPA3 routers on their home networks and have the ‘client isolation’ feature enabled are also at risk.
How can I protect myself?
Those interested in knowing if the new exploit affects their Wi-Fi network can download an open-sourced called MacStealer. Published by the researchers themselves, it lets users know if their network if susceptible to the attack or not. While Cisco said securely configured networks at not at risk, the company did recommend network admins to use policy enforcement mechanisms and implement transport layer security to encrypt the data.
Those with Wi-Fi networks at home can make use of the MAC Address Randomization feature, which is already available on the majority of devices. It offers an additional layer of security by applying a randomized MAC address, which is basically device specific 12 character number. For the uninitiated, MAC address is a number that helps identify the device connected to the network.
Enabling MAC Address Randomization helps mask the original MAC address on the network making it a bit harder for the attacker to successfully carry out the attack. While this is not a solid solution since it can be disabled by network provider, researchers say currently it is the best way to patch the exploit.
To enable MAC Address Randomization, head over to your router settings and enable the feature from there. Keep in mind that the feature depends on your Wi-Fi router’s model and manufacturer, so you might have to look up the router’s model number and settings on the internet.
© IE Online Media Services Pvt Ltd
