According to The Hacker News, the Wi-Fi Alliance recently announced that it’s next generation of wireless security protocol, called Wi-Fi Protected Access (WPA3), will replace the existing protocol.
The current protocol, called WPA2, has been around for more than a decade, used on billions of devices, and considered to be insecure because of its “unencrypted” open Wi-Fi networks, The Hacker News reports. These open networks allow “anyone on the same network to intercept connections on other devices,” a critical Achilles heel for businesses containing sensitive data.
Another weak spot in WPA2 that has been recently identified, The Hacker News says, is its vulnerability to KRACK (Key Resinstallation Attack), which “makes it possible for attackers to intercept and decrypt Wi-Fi traffic passing between computers and access points.”
The good news is that WPA3 will be available for personal and enterprise wireless devices, and will enable the following, put together by The Hacker News:
- WPA3 protocol strengthens user privacy in open networks through individualized data encryption.
- WPA3 protocol will also protect against brute-force dictionary attacks, preventing hackers from making multiple login attempts by using commonly used passwords.
- WPA3 protocol also offers simplified security for devices that often have no display for configuring security settings, i.e. IoT devices.
- Finally, there will be a 192-bit security suite for protecting Wi-Fi users’ networks with higher security requirements, such as government, defense and industrial organizations.
What this means for decision makers:
While the WPA3 will offer advanced network security for personal and business users alike, the solution won’t be rolled out until later this year. That means until then, users are still at risk for cybersecurity breaches. As a result, decision makers should consider being mindful about how their company’s current network is running, how it’s being protected, and how to prepare for the upcoming change in Wi-Fi protocols. They should also consider keeping in mind that even when the new protocols roll out, there is no such thing as a completely protected and sealed network; hackers’ skills and abilities will continue to keep up with security updates. Keeping pace with security and network policy updates can help keep digital assets safe, and end users and decision makers alike prepared for the new protocols, and potential attacks.