Get a virtual number for receiving SMS at the best price.
WEP was introduced in 1997 as part of the original Wi-Fi 802.11 standard; In 2003, it was replaced by Wi-Fi Protected Access (WPA), which used the TKIP mechanism to enhance security. Meanwhile, TKIP has become less common in WPA2 (released in 2004) and absent in WPA3 (released last year).
Both old protocols have well-known flaws that make it easy to decrypt by listening to malicious types, but they are still common on older Wi-Fi networks. This makes attacks such as “Man In The Middle” (MiTM) and the introduction of malware much more effective.
Sivan Tehila, Director of Solution Architecture at Perimeter 81, said it was a good step, considering that Wi-Fi security inputs and outputs are not necessarily well-known - the average Wi-Fi user does not know how to check the network for network type the security she uses.
“As employees become more mobile, they use Wi-Fi more often, and most of the time they are not aware of the risks,” she said. “Meanwhile, cybercriminals are using Wi-Fi as their primary vector attack, using the weak security of older Wi-Fi technologies.”
This can have serious consequences for companies. According to Patrick Hevesi, senior director, devices compromised at a public access point (say, at an airport or cafe) can transfer infection back to the corporate network when they connect to the company's cloud-based applications or the company's local network. Analyst at Gartner.
“Suppose a device is infected with malware, and then you enter your organization. You join a VPN, you get to corporate Wi-Fi. You are connecting this device via USB to your PC or Mac. Hackers are trying to listen to these various aspects and connections in order to possibly enter your organization as well. ”
For users who receive a new Wi-Fi warning in a public space, Microsoft said in a security update this week that users should disconnect from this Wi-Fi network and look for other options (users can connect to another network or possibly bind to 4G) .
For home users, “consider changing the type of security that your router or access point uses,” said the computer giant. “You can do this by logging into your router using the software for it, and then changing the security type for your home Wi-Fi network.”
Nabil Hannan, managing director of Synopsys, said there should also be updates. “This update is forcing users to increase security on their home router, which leads to a much more secure home network,” he said. “New routers are also quite inexpensive, so updating home networks is not a significant burden in such a scheme.”
Terence Jackson, director of public relations at Thycotic, said raising awareness of the risk of Wi-Fi using legacy protocols is certainly a positive step, but it’s not a panacea.
“Consumers should remember to comply with the rules when connecting to open Wi-Fi networks,” Jackson said. “Just because your network uses the latest standards does not mean that it is secure.”
“Organizations are responsible for creating reliable wireless environments by protecting their employees and customers from hackers who can easily exploit the weak or non-existent security of traditional and old Wi-Fi networks,” she said. “Security groups should include in their cybersecurity strategy the introduction of updated Wi-Fi security technologies, frequent patching of their systems and training employees to better understand the risks of Wi-Fi.”