6) Prediction: WPA3 Circumvented By a Layer 2 Threat Vector

            Description:

            In  2019,  one  of  the  six  Wi-Fi  threat  categories  as  defined  by  the  Trusted  Wireless  Environment
            Framework will be used to compromise a WPA3 Wi-Fi network despite the enhancements in the new
            WPA3 encryption standard. Unless more comprehensive security is built into Wi-Fi infrastructure, users
            will be fed a false sense of security with WPA3, while remaining susceptible to threats like Evil Twin APs.

            WPA3 is the next evolution of the Wi-Fi encryption protocol. It has undergone significant improvements
            over WPA2, but it still does not provide protection from the six known Wi-Fi threat categories. These
            threats operate primarily at Layer 2 and include: rogue APs, rogue clients, evil twin APs, neighbor APs,
            ad-hoc networks and misconfigured APs.

            The Evil Twin AP, for example, is very likely to be used in Enhanced Open Wi-Fi networks as opportunistic
            wireless encryption (OWE) can still take place between a victim client and an attacker’s Evil Twin AP that
            is broadcasting the same SSID and possibly the same BSSID as a legitimate AP nearby. Although OWE
            would keep the session safe from eavesdropping, the victim’s Wi-Fi traffic would flow through the Evil
            Twin  AP  and  into  the  hands  of  a  man-in-the-middle  (MitM)  that  can  intercept  credentials,  and  plant
            malware and remote backdoors.


            It’s highly likely that we’ll see at least one of the threat categories utilized to compromise a WPA3 network
            in 2019, and our money is on the Evil Twin AP.



            7) Prediction: Biometrics as Single-Factor Authentication Exploited By Attackers

            Description:


            As biometric logins become more common, hackers will take advantage of their use as a single-factor
            method of authentication to pull off a major attack in 2019.




            Biometric login methods such as face and fingerprint readers on consumer devices like smartphones and
            gaming  consoles  present  a  tempting  target  for  hackers.  While  biometrics  are  more  convenient  than
            remembering many complex passwords, and they are more secure than poor passwords, they are still
            just a single method of authentication. If people don’t add a second form of authentication, cyber criminals
            that successfully hack biometrics can easily gain access to their personal and financial data.



            But aren’t biometrics much harder to crack? Well, a researcher fooled a fingerprint scanner with gummy
            bears  in  2002,  and  a  hobbyist  hacking  group  defeated  the  iPhone’s  TouchID  in  2013.  In  2017,  a
            Vietnamese security group claims to have created a mask that can fool Apple’s FaceID. It’s only a matter
            of time before hackers perfect these methods and exploit the growing trend of biometrics as the sole form





                                 148