Study Reveals 94% of Wi-Fi Networks Vulnerable to Deauthentication Attacks

A study by Nozomi Networks, which analyzed telemetry data from hundreds of OT and IoT environments, revealed that 94% of Wi-Fi networks lack adequate protection against deauthentication attacks.

Deauthentication attacks are a type of Denial of Service (DoS) attack aimed at exploiting vulnerabilities in network protocols to disconnect devices from the network, disrupting their operation.

The report highlights that deauthentication is often utilized in the initial phases of larger and more devastating attacks, weakening an organization’s defenses. «Organizations rely on a built-in feature of the Wi-Fi protocol, particularly within control frames, for communication between devices and access points. By sending spoofed deauthentication frames, attackers can force devices to disconnect from the network. This can lead to more serious actions, such as data interception and unauthorized access, especially when paired with additional malicious activities,» the researchers explained.

The core of the issue is that merely 6% of monitored wireless networks are equipped with Management Frame Protection (MFP). This is deemed a crucial security feature that prevents attackers from spoofing control frames. Consequently, nearly all networks, including those supporting critical national infrastructure (CNI), are vulnerable to malicious attacks.

«The vast majority of wireless networks, including those in critical settings, remain significantly exposed to such types of attacks. For instance, in healthcare, vulnerabilities in wireless networks may lead to unauthorized access to patient data or disruption of vital systems. Similarly, in industrial environments, these attacks can disrupt automated processes, halt production lines, or pose security threats to workers,» the researchers stated.

The authors of the report cautioned that in light of recent attacks from state-sponsored groups targeting CNI organizations’ networks, enhancing wireless network security has become a vital factor in improving resilience.

The researchers also mentioned several other common threats used to attack wireless networks. For example, attackers can deploy rogue access points to impersonate legitimate networks, thereby exposing confidential information. Another example includes jamming attacks, where hackers overload wireless networks to cause downtimes and operational failures. Finally, eavesdropping attacks allow the interception of messages over unencrypted wireless protocols.

Meanwhile, a backdoor that was undocumented has been discovered in the ESP32 microchip from the Chinese manufacturer Espressif, which is utilized in over a billion devices. This can potentially be exploited for attacks, as undocumented commands allow the spoofing of trusted devices, unauthorized data access, transition to other devices on the network, and potentially establishing long-term persistence.