Despite recent improvements to Wi-Fi security, NYU Abu Dhabi (NYUAD) researchers have discovered three design flaws that could allow attackers to access sensitive data on any protected Wi-Fi network, even though that data is encrypted.
In a new study, Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation, published at USENIX Security, Mathy Vanhoef of the NYU Abu Dhabi Cyber Security & Privacy Lab and his team of researchers present three design flaws that are present both in the original Wi-Fi standard of 1997 and in present-day Wi-Fi technology, indicating that these vulnerabilities have existed since Wi-Fi was first introduced almost 25 years ago.
The vulnerabilities, which went unnoticed for more than two decades, were discovered by systematically inspecting the 802.11 standard and by carrying out attacks against open-source Wi-Fi stacks, whose protections vary, and analyzing their effect. One design flaw is in the frame aggregation functionality (combining several small frames into one large frame to increase Wi-Fi throughput), and the other two are in the frame fragmentation functionality (splitting a large frame into smaller fragments to make the connection more reliable). The flaws affect all protected Wi-Fi networks, from old networks using Wired Equivalent Privacy (WEP) up to and including the latest Wi-Fi Protected Access 3 (WPA3) technology. Because even WEP is affected, the root cause of several of the design flaws has been part of Wi-Fi since its introduction in 1997. Additionally, every single device that was tested was vulnerable to at least one of the attacks.
The researchers also built a testing tool to check whether a device is affected by any of the vulnerabilities, and they offer recommended countermeasures to prevent attacks. The tool can test home networks and enterprise networks alike and is also distributed as a live USB image.
The researchers found that the attacks could have been avoided if devices had implemented optional security improvements to the standard earlier. This highlights the importance of deploying security improvements before practical attacks are known. Over the past nine months, the team has been in contact with IT specialists at Google, Microsoft, Cisco, MediaTek, Huawei, and other technology companies to share their discoveries and help implement more secure defenses.
“The security flaws our team has discovered may have affected an unfathomable number of personal or professional networks and devices since the creation of Wi-Fi in the late 90s. Our hope is that the publication of these findings and our work with IT specialists at leading corporations can make Wi-Fi more secure in networks that millions of individuals and organizations around the world rely on every day.”