Jugru, Posted August 18, 2020

Hey all. For a semester paper, I’m writing about the risk that rogue APs pose for companies as their workers increasingly work from home. Zero Trust models gained in popularity and I want to focus on them in one chapter. I tried to research what threat evil twins/rogue APs pose for them but only found broad statements like ‘MiTM attacks don’t pose a threat in Zero Trust environments’. Is it true that they are relatively immune to MiTM WiFi attacks like those performed through the Pineapple? What weaknesses, if any, exist? Apologies for the crude noob questions. I’ve been reading up a lot but am very new to Zero Trust security and stuck. I’d like to learn more - any and all pointers would be helpful. Happy to share the paper afterwards. Thanks!
Darren Kitchen, Posted August 19, 2020

Jugru - Good luck with the paper, and please share it with us when it's complete. In discussing this exact topic with others in the industry that are adopting the zero trust model, it's clear that - as always - the humans are the weakest link. It's for this reason that modules like Evil Portal, which are able to spin up a captive portal, are so valuable. By mimicking not only a preferred network, but a recognized landing page, credentials and other PII can be captured. Mobile devices are especially vulnerable to this attack because many, like Samsung for instance, do not display a URL bar when loading the captive portal. And while attacks like sslstrip/sslsplit may not be as effective as they once were, DNSMasq Spoof is great for redirecting traffic to a site to capture loot. Depending on the scope of engagement, this can be very effective. Cheers!
This topic is now archived and is closed to further replies.