Is 5G more secure than Wi-Fi? Many believe cellular networks are safer than Wi-Fi networks, but as the 5G rollout continues, users will be increasingly exposed to security threats via a process called Wi-Fi offloading. There are also weaknesses in 5G traffic itself that determined attackers can exploit. In a WatchGuard guest article for Network Computing, we explore what these processes are and what 5G and Wi-Fi users need to know about them.
Thanks to the public’s ravenous demand for bandwidth on smartphones and tablets, a large portion of “cellular” traffic is actually offloaded to nearby Wi-Fi networks to help equalize the load. When a device is in range of a Wi-Fi access point configured for this (called Hotspot 2.0 or Passpoint) the connection seamlessly moves to Wi-Fi without any visible change on the user’s device. This is common in large public areas like sports stadiums, malls and airports. Nearly 60% of 4G traffic is offloaded now, and Cisco predicts that 71% of 5G traffic will be offloaded. This means these connections can be exposed to common Wi-Fi attacks, like the Evil Twin attack where a hacker sets up a duplicate of a legitimate access point and eavesdrops on the data of anyone that connects to it. Here’s an excerpt from the article:
“Attackers primarily eavesdrop and intercept Wi-Fi traffic via man-in-the-middle positions and are constantly looking for easy ways to steal valuable information, like user credentials for a juicy target like cloud-based HR sites, email, or online shopping and travel sites. For example, if a 5G user has their cellular connection offloaded to an Evil Twin AP mimicking a legitimate Passpoint AP, then the attackers have full visibility into the data stream they thought was private and secured via cellular technologies.
Offloaded Wi-Fi is technically supposed to be protected by enterprise versions of the WPA2 or WPA3 security protocol. However, both of these encryption methods have suffered serious flaws lately with the KRACK and Dragonblood vulnerabilities, which have exposed fundamental flaws in the system design (although enterprise versions are considered a bit safer). In addition, tools and research are being developed to exploit this protection constantly. Encryption, after all, is supposed to be the last resort of protection for our connections.”
Read the full article on Network Computing to learn about the other common attacks that 5G users might encounter, and some of the vulnerabilities in 5G traffic itself. Learn more about how WatchGuard can help solve this problem here and read more about Wi-Fi security standards here.