WatchGuard Blog

Assessing the State of Global Wi-Fi Security Standards

Wi-Fi networks offer 24x7 connectivity during business meetings and at coffee shops, restaurants, airports and more, but can be perilous given the gaps in today’s global wireless security standards. None of these standards are completely immune to the six known Wi-Fi threat categories, leaving businesses, employees and everyday users open to data theft and other major security issues.

WatchGuard CTO Corey Nachreiner covers this topic in a Forbes Technology Council column and calls for the industry to rally together to establish a global standard for Wi-Fi security that truly protects organizations and their users from every class of Wi-Fi attack. Here’s a brief excerpt from the piece:

The problem is that there are Wi-Fi threats that work regardless of these encryption and authentication protocols. The Evil Twin attack is one such example, where an attacker simply copies the wireless network name (something called an SSID) of a Wi-Fi network you have joined before, such as your official corporate Wi-Fi network. Unfortunately, Wi-Fi clients happily connect to any network with the name they are looking for. Which version of that network they join depends more on the range and signal strength of the network than any other factor.

Even if your real wireless network uses strong WPA3 encryption to make sure only authenticated clients join it, your phone or laptop will connect to a fake version of that network, even without any wireless security enabled at all. While Wi-Fi security standards have protocols that can protect you when you join the right network, they don’t have industry-wide security technologies that keep your devices from unknowingly connecting to evil fake networks (the Mystique version).

Beyond the Evil Twin attack, other examples of Wi-Fi threats today include ad-hoc or peer-to-peer wireless networks, rogue access points, rogue clients and more. For more information on all six of the known Wi-Fi threat categories, check out the Trusted Wireless Environment (TWE) movement. This movement outlines the threats that WPA3 and other Wi-Fi security standards don’t currently detect and prevent and is gathering support for the development of a better worldwide Wi-Fi security standard.

It’s clear that we need to standardize new wireless security technologies that not only encrypt users’ wireless communications but ensure wireless devices aren’t tricked into joining networks without any security. The good news is that there are methods organizations can use to defend against each Wi-Fi attack category. Generically, solutions that provide Wireless Intrusion Prevention System (WIPS) provide extra layers of security that not only discover bad actors on your wireless network or within your wireless proximity but can actively prevent your devices from connecting to evil networks or block attackers from completing their attacks.

Read the full article on Forbes for more information on the weaknesses of today’s wireless security standards. And to help advocate for a new worldwide Wi-Fi security standard, check out the Trusted Wireless Environment movement today.