Extreme Networks is aware of the recent WPA PSK brute force cracking technique that was discovered by the author of the popular 'hashcat' open source project. To our knowledge at this point, this technique applies generally to any wireless vendor (including EXTR) that implements WPA for wireless network security. There are two mitigations that can be effective against this attack:
- Choose a PSK password that is as strong as possible (ideally 16 characters including capital letters, numbers, and special characters)
- Change your PSK when it makes sense (yearly for example)
- Use WPA2 Enterprise instead of WPA/WPA2. For the first mitigation, as with all password brute forcing attacks, password complexity is important to maximize.
We will provide any new updates as they become available.