WatchGuard Threat Lab predicts that WPA3 Wi-Fi will be compromised in 2019. Unless more comprehensive security is built into the Wi-Fi infrastructure users will be fooled into feeling safe with the new WPA3 encryption standard, while still being susceptible to attacks such as Evil Twin Access Points (APs). This is the warning from researchers at WatchGuard Technologies’ Threat Lab who predict that a WPA3 Wi-Fi network will be hacked in 2019.
WatchGuard believes that hackers could use any of the six known Wi-Fi threat categories, as defined by its Trusted Wireless Environment Framework, to compromise a WPA3 Wi-Fi network. “While WPA3 has undergone significant improvements over WPA2, it still does not provide protection from threat categories that operate primarily at Layer 2 and include: rogue APs, rogue clients, Evil Twin APs, neighbour APs, ad-hoc networks and misconfigured Aps,” said Corey Nachreiner, CTO at WatchGuard Technologies. “We think it is highly likely that we’ll see at least one of these threat categories used to compromise a WPA3 network and our money is on the Evil Twin AP.”
The Evil Twin AP is likely to be used in Enhanced Open Wi-Fi networks as Opportunistic Wireless Encryption (OWE) can still take place between a victim client and an attacker’s Evil Twin AP that is broadcasting the same SSID and possibly the same BSSID as a legitimate AP nearby. Although OWE would keep the session safe from eavesdropping, the victim’s Wi-Fi traffic would flow through the Evil Twin AP and into the hands of a man-in-the-middle (MitM) that can intercept credentials and plant malware and remote backdoors.