Endpoint Users Need Protection Against New Wi-Fi Protocol Standard Design Flaws

Posted June 20, 2023

By Sam Koch, Solutions Engineer | Mobolize

There’s a design flaw in the IEEE 802.11 Wi-Fi Protocol Standard for Mobile Devices that impacts all endpoint devices running iOS, Android, Linux and more. The problem with the flaw is that it makes it easier for hijackers to snag transmission control protocol (TCP) connections and intercept client and web traffic. The result – hijackers can steal data sent and received from devices connected to Wi-Fi networks because they have hidden access.

Today is World Wi-Fi Day which recognizes and celebrates the significant role Wi-Fi plays in communities around the world to help “connect the unconnected” but let’s discuss the importance of Wi-Fi security too. Worldwide availability of public Wi-Fi networks is great for reducing “digital poverty” by connecting people to information, markets, education, family, etc. but it also creates an open market for hackers to target the unprotected mobile device using Wi-Fi.

At the same time, there is a huge growth in the use of mobile endpoint devices, especially for businesses with remote workers, whether working from home, hybrid or traveling, who utilize public Wi-Fi for work and personal use. Before the epidemic, employees used endpoint devices while traveling to work on mass transit, staying in hotels on business trips or sitting in coffee shops. “Work from Anywhere” has changed that as now, according to a study from High Speed Internet, almost half of Americans (47%) use public Wi-Fi to cut down on cellular data usage and 18% use public Wi-Fi to work remotely. Even 8% use public Wi-Fi because it’s better than the Wi-Fi they have at home.

In addition, more devices are being used for working remotely including mobile phones, tablets and laptops. The real endpoint of today’s networks is the devices connecting to it. And this is especially of concern when the network is out of the control of the business (i.e. corporate network) or user.

The study also indicates that 80% of Americans are concerned about online safety when using public Wi-Fi. They should be. There are often reports of security issues and one of the newest is a newly found design flaw in the IEEE 802.11 Wi-Fi protocol standard that tricks access points into leaking data traffic information to a hacker. Not only does that open a user’s personal information to a hacker but business information too if a worker is doing work not connected to a secure corporate network.

The security solution for public Wi-Fi users is to use a VPN. However, traditional VPNs have many issues for users and businesses including battery performance, slow internet speeds, broken services, inability to protect domains or apps (which can be up to 90% of mobile activity) and can’t fully support Cloud Access Security Broker (CASB).

What’s needed to protect any endpoint device is a security solution that provides fine-grain routing that tunnels and manages all apps, including browsers, across all platforms. That’s Mobolize’s Data Management Engine that intelligently manages all data traffic to enables precise access and routing for all data. It also improves connectivity as workers move between Wi-Fi and cellular networks, as is often the case for remote workers.

Specifically, the Data Management Engine protects endpoint devices against the current IEEE 802.11 Wi-Fi protocol standard design flaw. Essentially this security flaw exposes a man in the middle attack where the attacker could get access to the traffic. The Data Management Engine adds that extra layer of encryption to unencrypted traffic so even if hackers access the device’s traffic, it’s encrypted so they cannot read the content. Can’t see it, can’t steal it. Both enterprise and personal endpoint device data is secure.

World Wi-Fi Day is a great celebration of the fabulous advantage Wi-Fi brings to all communities. By adding Wi-Fi security to the discussion, the benefits of public Wi-Fi are enhanced – secure connection to apps, browsers and all other data used on endpoint devices.

Be secure on Wi-Fi. Mobolize secure.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.