What’s in store for Wi-Fi in 2018?

Jolette Roodt | 31 January 2018

In October 2017, Mathy Vanhoef and Frank Piessens from the University of Leuven in Belgium revealed the viability of what they term the “key reinstallation attack” (or KRACK). They demonstrated that it would be possible to interfere with the supposedly secure “four-way handshake” used to generate unique encryption keys for different users and during different sessions. This vulnerability could allow fraudsters to decrypt and steal sensitive information, especially on Android devices. The discovery of this threat led to renewed awareness of the security risks of the Internet – even password-protected Wi-Fi.

In response, the Wi-Fi Alliance® announced on 9 January that they will be rolling out improvements to the vulnerable, fourteen-year-old Wi-Fi Protected Access 2 (WPA2) security protocol – the root of the KRACK problem – immediately. A completely new protocol, WPA3, will be implemented in the longer term, and will offer further enhancements including “features [that] deliver robust protections even when users choose passwords that fall short of typical complexity recommendations”.

In the meantime, what measures can enterprises take to protect their Wi-Fi users?

  • External-facing as well as internal, LDAP-based sites should use HTTPS only.
  • Internal users should authenticate themselves using TLS when accessing LDAP-based sites.
  • Links shared in e-mails should reference only HTTPS URLs.
  • The enterprise website, blog and/or related pages should reference only HTTPS URLs.
  • An app or TLS should be used for internal communication to retain confidentiality even when the Wi-Fi network is vulnerable.
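
The two link-related measures above can be checked mechanically. The following is an added example, not code from the original post: it scans a web page or HTML e-mail body for references that would be fetched or submitted over plain HTTP, and so be readable on a Wi-Fi link affected by KRACK. The function name, the attribute list and the sample markup are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Attributes that make the browser or mail client fetch or submit to a URL.
URL_ATTRS = {"href", "src", "action", "poster", "data"}


class CleartextLinkFinder(HTMLParser):
    """Collects every URL reference that would travel over plain HTTP."""

    def __init__(self, base_url):
        super().__init__()
        self.base_url = base_url
        self.findings = []  # (line, tag, attribute, resolved URL)

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name not in URL_ATTRS or not value:
                continue
            # Resolve relative and protocol-relative ("//host/x") references
            # against the page URL, as a browser would.
            resolved = urljoin(self.base_url, value.strip())
            if urlsplit(resolved).scheme.lower() == "http":
                self.findings.append((self.getpos()[0], tag, name, resolved))


def find_cleartext_links(html, base_url):
    finder = CleartextLinkFinder(base_url)
    finder.feed(html)
    finder.close()
    return finder.findings


# Constructed sample page, not taken from any real site.
SAMPLE = """<html><body>
<a href="https://intranet.example.com/hr">HR portal</a>
<a href="http://blog.example.com/post">Blog post</a>
<img src="//cdn.example.com/logo.png">
<form action="/login" method="post"></form>
<a href="mailto:it@example.com">IT</a>
</body></html>"""

if __name__ == "__main__":
    for base in ("https://www.example.com/", "http://www.example.com/"):
        print("served from", base)
        for line, tag, attr, url in find_cleartext_links(SAMPLE, base):
            print(f"  line {line}: <{tag} {attr}> -> {url}")
```

Running it against the same markup with an `http://` base URL shows why the page itself must be served over HTTPS: relative and protocol-relative references inherit the page's scheme.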

Employees should also be encouraged to set up two-factor authentication (2FA) on their accounts outside of the workplace, such as for personal e-mail and social media, and to steer clear of public Wi-Fi whenever possible.

About the author

Jolette Roodt

Writer/Analyst
