FAQ Contact Us

New vulnerabilities in the 5G/Wi-Fi handover in 2020

LONDON / AGILITYPR.NEWS / December 04, 2019 / 4 December 2019 – Attackers will find new vulnerabilities in the 5G to Wi-Fi handover to access voice and data on 5G mobile phones in 2020, say researchers at the WatchGuard Technologies Threat Lab. With wireless carriers increasingly handing off calls and data to Wi-Fi networks to save bandwidth, particularly in high-density areas, flaws in this cellular to Wi-Fi handover process will allow hackers to compromise security.

 

“As 5G rolls out across large public areas like hotels, shopping centres and airports, users’ voice and data information on their cellular-enabled devices is communicated to both cell towers as well as Wi-Fi access points,” explains Corey Nachreiner, CTO at WatchGuard. “While mobile devices have intelligence built into them to automatically and silently switch between cellular and Wi-Fi, security researchers have already exposed flaws in this handover process, and it is at highly likely that a major new 5G to Wi-Fi security vulnerability will be exposed in 2020.”

 

Most mobile devices don’t allow users to disable the cellular to Wi-Fi handover - also known as Hotspot 2.0 – although Windows 10 currently does. If unsure, individuals should always use a VPN (Virtual Private Network) on their mobile devices so that attackers eavesdropping on cellular to Wi-Fi connections can’t access their data. Businesses looking to enable Hotspot 2.0, should make sure their Wi-Fi access points (APs) have been tested independently to stop the six known Wi-Fi threat categories listed in the Trusted Wireless Environment: www.trustedwirelessenvironment.com. If the APs block these threats, attackers cannot eavesdrop on the cellular to Wi-Fi handoff.

 

WatchGuard researchers are also predicting that in 2020, 25% of all breaches will happen outside the perimeter. While remote working can increase productivity and reduce burnout, mobile employees often work without any network perimeter security and mobile devices can mask tell-tale signs of phishing attacks and other security threats. Security and IT teams need to make sure they are implementing off-network protection for employees and that any laptop or device that leaves the office has a full suite of security services, including a local firewall, advanced malware protection, DNS filtering, disk encryption and multi-factor authentication.

See the WatchGuard Threat Lab predictions videos here:  https://www.watchguard.com/wgrd-resource-center/predictions-2020#wifi

 

About WatchGuard Technologies

WatchGuard® Technologies, Inc. is a global leader in network security, secure Wi-Fi, multi-factor authentication, and network intelligence. The company’s award-winning products and services are trusted around the world by nearly 10,000 security resellers and service providers to protect more than 80,000 customers. The company’s mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for midmarket businesses and distributed enterprises. WatchGuard is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit WatchGuard.com.

For additional information, promotions and updates, follow WatchGuard on Twitter, @WatchGuard on Facebook, or on the LinkedIn Company page. Also, visit our InfoSec blog, Secplicity, for real-time information about the latest threats and how to cope with them at www.secplicity.org. Subscribe to The 443 – Security Simplified podcast at Secplicity.org, or wherever you find your favourite podcasts.

www.watchguard.com

WatchGuard is a registered trademark of WatchGuard Technologies, Inc. All other marks are property of their respective owners.

 

Peter Rennison or Laura Berrill, PRPR

01442 245030, pr@prpr.co.uk / laura@prpr.co.uk

 

 

 

 

Contacts

Peter Rennison

Peter Rennison

pr@prpr.co.uk

Phone: 01442 245030