A new strategy has been found that easily obtains the Pairwise Master Key Identifier (PMKID) from a WPA/WPA2-secured router, which can be used to quickly crack the router’s wireless password. The new technique was discovered by Jens Steube, the developer of the widely known password cracking tool Hashcat.
Before this method was discovered, typical WPA/WPA2 cracking methods relied on waiting for a user to log in to the wireless network, capturing the full authentication handshake, and then conducting a brute-force search for the password. However, this new technique eliminates the need for an EAPOL 4-way handshake, and instead works on the Robust Security Network Information Element (RSN IE) of a single EAPOL frame, Steube said in his post.
“This attack was discovered accidentally while looking for new ways to attack the new WPA3 security standard,” Steube explained, adding that it won’t work against WPA3, the latest wireless security protocol. “WPA3 will be much harder to attack because of its modern key establishment protocol called Simultaneous Authentication of Equals (SAE).”
As a result, an attacker would be able to access vulnerable wireless networks much more quickly, using only information obtained directly from the router.
The Wi-Fi Alliance announced the release of WPA3 in January, which presented a new standard of Wi-Fi security for all users. WPA3 uses individualized data encryption, protects against brute-force attacks, and blocks an attacker after too many failed password attempts, according to our sister site ZDNet.
The best way to protect yourself against the new WPA/WPA2 attack strategy is probably to adopt the new WPA3 wireless network security, as WPA2 was released back in 2004. However, that depends on whether firmware updates are available from your router manufacturer. Be sure to contact your manufacturer for the best course of action to secure your network.
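To confirm what an access point you administer actually advertises after such an update, you can read the authentication (AKM) suite list from its RSN IE: pre-shared-key suites are the WPA/WPA2 mode this technique targets, while SAE is the WPA3 key establishment. The Python sketch below is an added example, not code from Steube's post or this article; the function names are hypothetical and the sample elements are constructed for illustration.

```python
import struct

# AKM suite types under the IEEE 802.11 OUI 00-0F-AC (subset).
AKM_NAMES = {1: "802.1X", 2: "PSK", 4: "FT-PSK", 6: "PSK-SHA256", 8: "SAE", 9: "FT-SAE"}
PSK_AKMS = {"PSK", "FT-PSK", "PSK-SHA256"}
SAE_AKMS = {"SAE", "FT-SAE"}
OUI = b"\x00\x0f\xac"

# Constructed sample RSN elements (element ID 48, length, body); not captured traffic.
WPA2_PSK_IE = bytes.fromhex("30140100000fac040100000fac040100000fac020000")
WPA3_SAE_IE = bytes.fromhex("30140100000fac040100000fac040100000fac08c000")
TRANSITION_IE = bytes.fromhex("30180100000fac040100000fac040200000fac02000fac088000")


def parse_rsn_akms(ie: bytes) -> list:
    """Return the AKM suites named in one RSN element (hypothetical helper)."""
    if len(ie) < 2 or ie[0] != 48 or ie[1] != len(ie) - 2:
        raise ValueError("not a well-formed RSN element")
    body, pos = ie[2:], 0

    def take(n: int) -> bytes:
        nonlocal pos
        if pos + n > len(body):
            raise ValueError("truncated RSN element")
        chunk = body[pos:pos + n]
        pos += n
        return chunk

    def u16() -> int:
        return struct.unpack("<H", take(2))[0]  # fields are little-endian

    if u16() != 1:
        raise ValueError("unsupported RSN version")
    take(4)              # group data cipher suite
    take(4 * u16())      # pairwise cipher suite list
    akms = []
    for _ in range(u16()):
        suite = take(4)  # 3-byte OUI followed by 1-byte suite type
        name = AKM_NAMES.get(suite[3]) if suite[:3] == OUI else None
        akms.append(name or suite.hex())  # unknown suites are reported as hex
    return akms


def classify(ie: bytes) -> str:
    """Label the element by whether it offers PSK, SAE, or both."""
    akms = set(parse_rsn_akms(ie))
    if akms & PSK_AKMS:
        return "transition" if akms & SAE_AKMS else "psk-only"
    return "sae-only" if akms & SAE_AKMS else "other"
```

A result of `transition` means the access point still accepts WPA2 pre-shared-key clients alongside WPA3, so the WPA2 side remains in use until it is disabled.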
The big takeaways for tech leaders:
- Researchers behind the popular password cracking tool Hashcat found a faster, easier way to crack WPA/WPA2 Wi-Fi network passwords.
- This attack strategy was found by accident when trying to crack the new WPA3 network protocol, which is much more difficult to hack than WPA/WPA2.