security

New Wi-Fi security exploit might affect iOS, Android and Linux devices: Here’s how to protect yourself – The Indian Express


Then new Wi-Fi security vulnerability might affect iOS, Android and Linux powered devices. Here’s how you can protect your network.

Wifi security attack | Wifi exploitResearchers say the new flaw lies with the design of the IEEE 802.11 Wi-Fi standard. (Image Source: Pixabay)

Listen to this article
Your browser does not support the audio element.

Researchers have found a new Wi-Fi exploit that allows attackers to hijack network traffic on iOS, Linux and Android devices. The flaw lies with the fundamental design of the IEEE 802.11 Wi-Fi standard which is adapted by the majority of Wi-Fi networks in the world.

The new exploit makes use of base station’s power saving feature and affects hotspot like networks allowing the attack to bypass the Wi-Fi encryption and intercept network traffic. To successfully carry out the attack, the actor has to forcibly disconnect the user device before they are able to connect to the network.

Also, they need to spoof the MAC address of the target device and connect to the network using their credentials and get a response. Once done, they malefactor will have access to network data in plaintext or unencrypted form. The research suggests that it can further be used to carry out a ‘context override attack’, an attack that prevents clients from attacking each other.

Public hotspots, which are often protected by Passpoint can be easily attacked using the method and might be used by miscreants to authenticate the user using their phone’s SIM card. Those using WPA2 or WPA3 routers on their home networks and have the ‘client isolation’ feature enabled are also at risk.

How can I protect myself?

Those interested in knowing if the new exploit affects their Wi-Fi network can download an open-sourced called MacStealer. Published by the researchers themselves, it lets users know if their network if susceptible to the attack or not. While Cisco said securely configured networks at not at risk, the company did recommend network admins to use policy enforcement mechanisms and implement transport layer security to encrypt the data.

Those with Wi-Fi networks at home can make use of the MAC Address Randomization feature, which is already available on the majority of devices.  It offers an additional layer of security by applying a randomized MAC address, which is basically device specific 12 character number. For the uninitiated, MAC address is a number that helps identify the device connected to the network.

Enabling MAC Address Randomization helps mask the original MAC address on the network making it a bit harder for the attacker to successfully carry out the attack. While this is not a solid solution since it can be disabled by network provider, researchers say currently it is the best way to patch the exploit.

To enable MAC Address Randomization, head over to your router settings and enable the feature from there. Keep in mind that the feature depends on your Wi-Fi router’s model and manufacturer, so you might have to look up the router’s model number and settings on the internet.

 

 

© IE Online Media Services Pvt Ltd



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.