This sneaky Wi-Fi security flaw could let hackers easily eavesdrop on your network and access sensitive information
Attackers use it to access your information.
Experts have discovered a security issue that can 'confuse' your phone or computer into connecting to a harmful Wi-Fi network instead of the safe one you think you're joining.
Doing so means hackers could watch what you're doing online and even steal the sensitive information that you're inputting.
This problem affects all types of Wi-Fi connections and devices - regardless of whether they're home or public networks - so it's something we should all be aware of.
A report from The Hacker News found the IEEE 802.11 Wi-Fi standard has a weakness tracked as CVE-2023-52424.
Advert
The weakness is in the standard system that Wi-Fi networks use to identify themselves (SSID) and connect with devices.
In these cases, attackers can set up a fake Wi-Fi network that appears to be legitimate and use it to 'downgrade' the victim to a less trusted network.
One of the scarier parts about this is that VPNs aren't a security barrier either.
'A successful SSID Confusion attack also causes any VPN with the functionality to auto-disable on trusted networks to turn itself off, leaving the victim's traffic exposed,' the researchers said.
That's because the VPNs recognise the Wi-Fi network based on its SSID, so it's also been fooled.
CVE-2023-52424 is based on the fact that SSIDs are not always verified, and security protocols only activate when a device attempts to connect to a specific network.
'In our attack, when the victim wants to connect to the network TrustedNet, we trick it into connecting to a different network WrongNet that uses similar credentials,' the researchers explained. 'As a result, the victim's client will think, and show the user, that it is connected to TrustedNet, while in reality it is connected to WrongNet.'
So, how do we keep ourselves safe from this type of attack?
Well, for the attack to work, the fake network needs to have a similar name and security setup as the trusted one you're trying to connect to, and the hacker needs to be physically close enough to interfere with your connection. Hence why it mainly affects organisations with more than one Wi-Fi network and with shared credentials.
The easiest way to address SSID Confusion attacks is to update to the 802.11 Wi-Fi standard, the researchers concluded. This update helps ensure that your device can better identify and connect only to legitimate and safe Wi-Fi networks.