New Wi-Fi Attack That Jeopardizes Your Security

Clear Cut Cyber
May 19, 2024

Although it was only recently caught as a bug, this new attack exposes a flaw in the Wi-Fi connection procedure that could make you connect to a harmful or malicious network.

Known as the ‘SSID Confusion Attack’, it lets hackers create a spoofed router that mimics a trusted router you may have connected to before, abusing a flaw in the Wi-Fi procedures: the router’s name is not confirmed before you connect to it.

Even though you may think you’re connecting to the right network because the name (SSID) is correct, you’re still connecting to a potentially harmful network.

Sounds a little complicated but let’s dive into this…

To provide some context: every Wi-Fi router uses a range of frequencies that depends on the devices it serves and how modern the router actually is. Typically, older computers, phones, etc. require a 2.4 GHz frequency to connect to the Wi-Fi, while newer devices can connect to a 5 GHz frequency.

Given the context, how does it work?

A couple of conditions are required for the attack to actually take place, and thankfully it is not simple for an attacker to do.

It is common for bigger companies to have two networks: one for devices that connect at 2.4 GHz and the other at 5 GHz; however, both have the same password.

That’s the only situation where this attack works: there are two networks, one for 2.4 GHz and the other for 5 GHz, and they both have the same password.

An attacker who is near the company’s Wi-Fi can perform a MITM attack: they spoof the router to create one with the same SSID as the more secure 5 GHz network and trick the individual into believing they are connecting to the 5 GHz network, when in reality the spoofed router is configured for the 2.4 GHz frequency.

And since 2.4 GHz is older, its security features are less updated and modernized for newer attacks, it can cause interference with other devices like microwaves (yes, really), and other circumstances can lead to signal attenuation.

Even for yourself, if you have two Wi-Fi networks for the different frequencies, just change the passwords so the two networks no longer share one. It’ll save you a lot of stress and headache in the future.
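The two conditions described above can be checked from the defender's side. The following is an added example, not part of the original article: it flags networks on different bands that share a password, and scan sightings where one of your network names shows up on the wrong band. All network names, passwords, BSSIDs and the inventory layout are constructed, and it assumes each of your SSIDs is meant to live on exactly one band.

```python
from itertools import combinations

# Constructed inventory of an organisation's own networks (all values made up).
INVENTORY = [
    {"ssid": "Corp-Legacy", "band": "2.4GHz", "psk": "example-shared-pass"},
    {"ssid": "Corp-Fast",   "band": "5GHz",   "psk": "example-shared-pass"},
    {"ssid": "Corp-Guest",  "band": "5GHz",   "psk": "another-example-pass"},
]

# Constructed scan results: (ssid, bssid, centre frequency in MHz).
SCAN = [
    ("Corp-Legacy", "02:00:00:00:00:01", 2437),
    ("Corp-Fast",   "02:00:00:00:00:02", 5180),
    ("Corp-Fast",   "02:00:00:00:00:99", 2412),  # 5 GHz name seen on 2.4 GHz
]

def band_of(freq_mhz):
    """Map a centre frequency to the band label used in the inventory."""
    if 2400 <= freq_mhz < 2500:
        return "2.4GHz"
    if 5150 <= freq_mhz < 5900:
        return "5GHz"
    return "other"

def shared_password_pairs(inventory):
    """Return SSID pairs on different bands that share one password."""
    return [
        (a["ssid"], b["ssid"])
        for a, b in combinations(inventory, 2)
        if a["band"] != b["band"] and a["psk"] == b["psk"]
    ]

def band_mismatches(inventory, scan):
    """Return scan entries whose SSID is ours but appears on the wrong band."""
    expected = {net["ssid"]: net["band"] for net in inventory}
    return [
        (ssid, bssid, freq)
        for ssid, bssid, freq in scan
        if ssid in expected and band_of(freq) != expected[ssid]
    ]

if __name__ == "__main__":
    print("Shared-password pairs:", shared_password_pairs(INVENTORY))
    print("Wrong-band sightings:", band_mismatches(INVENTORY, SCAN))
```

Any pair reported by the first check is a candidate for the password change recommended above; a wrong-band sighting is only a lead to investigate, since the inventory itself may be out of date.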

Clear-Cut Definitions

  1. Spoofed Router: A router that replicates a Wi-Fi network with the same information in the hope that it tricks people into connecting to it. These are typically set up with harmful intentions.
  2. SSID: Standing for ‘Service Set Identifier’, it is essentially the name of your Wi-Fi network.
  3. MITM Attack: Standing for ‘Man-In-The-Middle’ attack, a MITM attack occurs where a hacker acts like a middle-man (unbeknownst to the two+ parties) to gain sensitive information they wouldn’t normally get. A MITM intercepts the information from one party and forwards it to the other party, but continues to eavesdrop between the two.
  4. Signal Attenuation: Signal attenuation is the loss of signal strength in a connection. When your Wi-Fi goes from 4 bars to 2 bars, that is signal attenuation.

Clear Cut Cyber

A team dedicated to providing cyber news, clear-cut and simplified.