
Wireless security is a battle of AI vs. AI

Credit: Network World

Eighty-five percent of organizations have experienced at least one wireless security incident in the last 12 months, while 58% have suffered financial losses, with half of them tallying $1 million or more annually. More than a third report escalating wireless threats over the past two years, and the top reported driver of those threats is, of course, AI-generated or automated attacks.

These stats come from a recent Cisco survey of 6,098 organizations in countries across the Americas, Asia, Europe, the Middle East, and Africa (EMEA). The report makes clear, and experts concur, that Wi-Fi networks are facing intensifying security risks as AI tools make it far easier for bad actors to ply their trade successfully.

“The question is, how isn’t AI changing security,” says Zeus Kerravala, founder and principal analyst with ZK Research. “It’s allowing [bad actors] to do the things they did with wired [networks], but a lot faster and with a lot more granularity than they had before.”

Mounting a strong defense means fighting AI with AI, and companies including Cisco are developing tools to do just that. But experts make clear that well-known strategies, including zero trust and network segmentation, will also go a long way toward offering sound protection.

“AI hasn’t fundamentally changed cybersecurity,” says John Kindervag, chief evangelist at network security vendor Illumio. “It’s exposed years of neglected fundamentals and misinformation.” (Kindervag, credited with coining the term zero trust when he was an analyst at Forrester Research, says the five wireless security myths he outlined in a 2006 paper are still discussed today as viable Wi-Fi security measures – but shouldn’t be.)

Escalating wireless threats and an AI paradox

The Cisco study is intended to make the case that wireless is crucial to realizing the growth potential of AI and, therefore, must be both secure and high-performance. Upgrading to the latest iterations of Wi-Fi solutions delivers both. So, it’s a return-on-investment argument: Pay now to improve the performance and security of your wireless infrastructure, or muddle along and take your chances.

To urge action, the report paints a dire picture of the wireless security landscape. In addition to 85% reporting at least one wireless security incident in the last 12 months, it says 38% report escalating wireless threats over the past two years.

AI is the most significant security threat vector, with 35% of respondents citing AI-generated or automated cyberattacks as a driver of security threats. “These attacks can identify network vulnerabilities, adapt attack strategies based on defensive responses, and operate at a scale and speed far exceeding human attacker capabilities,” the report says.

And that leads to what Cisco calls the “AI paradox.” As the report says: “AI is simultaneously the leading driver of wireless ROI and the source of its greatest challenges. Organizations deploying AI view wireless as strategically critical and are able to achieve substantially stronger returns when they integrate wireless optimization into AI deployment strategies. Yet this same AI is introducing new security threats and intensifying talent competition.”

The talent competition stems from companies shifting their best and brightest from wireless (and presumably other areas) to AI projects, while the security threats are many and varied. (See related feature, AI fuels wireless talent shortage)

How AI makes life easy for bad actors

AI is faster at finding weak networks and clients, or even users who are more likely to offer up their credentials to a bogus multi-factor authentication request, says Matt MacPherson, enterprise wireless CTO at Cisco.

AI tools can help attackers answer questions such as, “Which SSIDs, locations, devices, or vendors should I impersonate? How do I evade the current IDS and IPS systems?” he says.

Chris DePuy, technology analyst with 650 Group, says agent-based systems like OpenClaw, Hermes Agent, and Claude Code can run automated attacks basically until the hacker runs out of money to pay for it. “You give them a goal, they go for it,” he says.

To see just how easy it is, DePuy installed OpenClaw on a Wi-Fi-enabled Raspberry Pi device. “Then all it needs to do is be plugged into power near the Wi-Fi network that it wants to attack,” he says. Next, give it some instructions – say, “find me a way into this Wi-Fi network named ABCD.” The device then connects to a cloud-based LLM, which enables it to write its own code, and will “just bang away” until it finds a way in, he says. “So, yes, life just got easier for threat actors.”

MacPherson agrees such tools change the game. “Before it took a certain expertise to understand the details and then to manually go after these things,” he says. “Hackers are applying the tools just like we are for improving productivity and visibility in order to be more effective at what they do.”

IoT and OT expand the attack surface, increase complexity

At the same time life is getting easier for hackers, the attack surface they have to go after is expanding with the proliferation of IoT and OT devices. More than a third of respondents to the Cisco survey (36%) say they have suffered compromised IoT or OT devices.

This proliferation contributes to Wi-Fi complexity, which 98% of survey respondents say they are grappling with. That has IT teams “trapped in reactive ticket management,” the report says.

The complexity issue rings true to Kerravala. Research he conducted last year found nearly 30% of network engineers spend at least 10 hours per week on Wi-Fi troubleshooting.

“So, in a 40-hour work week, that’s 25% of your time spent doing nothing but wireless troubleshooting,” he says. “Under the umbrella of all things corporate IT, there is nothing more difficult than wireless troubleshooting because there are so many things it could be, it’s very hard to find the one thing it is.”

The IoT/OT problem is particularly thorny because many companies don’t have a good handle on how many devices they have, not to mention where they are. Kerravala says he asked the head of OT for a large oil and gas company how many OT devices the company had. “He says, ‘We have no idea. I can tell you we’ve got 20,000 Windows domains, and each one has a bunch of OT devices, but I couldn’t even begin to tell you how many OT devices we have.’”

Nonetheless, there are solutions for securing IoT and OT devices and machines. Cisco’s MacPherson notes newer multi-band wireless access points enable companies to pull OT networks into the IT realm.

“That gives IT much more power over what traffic is prioritized and how you secure and segment the network so you can isolate different functions,” he says. “So, a hacker getting into a light bulb in a hospital isn’t going to get into a breathing machine that’s keeping a patient alive.”

Segmentation factored into a project Kindervag recalls working on, helping secure a network of some 50 million utility smart meters. The solution involved segmenting the controllers the meters reported to such that they were on the same management plane, then instituting a rule that allows only devices using certain IP addresses and a specific protocol, such as Modbus, to access that plane.

“AI doesn’t help an attacker in this situation if no rule allows an unknown machine on an unknown IP address on the public internet to get access to this system using an unnamed protocol,” he says.
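The default-deny rule Kindervag describes can be sketched as follows; this is an added Python example, not code from the article or from any vendor it names. The addresses, the rule name, and the use of TCP port 502 for Modbus/TCP are assumptions chosen for illustration, and the sample flows are constructed.

```python
import ipaddress
from collections import Counter
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str
    sources: tuple   # ip_network objects allowed to initiate traffic
    dest: object     # ip_network of the protected management plane
    proto: str
    dport: int

@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    proto: str
    dport: int

net = ipaddress.ip_network
# Constructed policy: placeholder addresses and names, not taken from the article.
RULES = [Rule("headend-modbus", (net("10.60.1.0/28"),), net("10.50.0.0/24"), "tcp", 502)]

def evaluate(flow, rules=RULES):
    """Default deny: a flow passes only if one rule matches every field."""
    try:
        src, dst = ipaddress.ip_address(flow.src), ipaddress.ip_address(flow.dst)
    except ValueError:
        return ("deny", "unparseable address")
    for r in rules:
        if (dst in r.dest and any(src in s for s in r.sources)
                and flow.proto == r.proto and flow.dport == r.dport):
            return ("allow", r.name)
    return ("deny", "no rule matches")

def denied_sources(flows, rules=RULES):
    """Count denied flows per source so unknown devices stand out."""
    return Counter(f.src for f in flows if evaluate(f, rules)[0] == "deny")

# Constructed sample flows.
FLOWS = [
    Flow("10.60.1.5", "10.50.0.10", "tcp", 502),     # known head-end, Modbus/TCP
    Flow("10.60.1.5", "10.50.0.10", "tcp", 22),      # known source, wrong protocol
    Flow("203.0.113.77", "10.50.0.10", "tcp", 502),  # unknown public address
    Flow("203.0.113.77", "10.50.0.10", "udp", 161),  # unknown source and protocol
    Flow("10.60.1.40", "10.50.0.10", "tcp", 502),    # outside the allowed /28
]

if __name__ == "__main__":
    for f in FLOWS:
        print(f, evaluate(f))
    print(denied_sources(FLOWS))
```

The per-source deny counts double as a rough inventory signal: addresses that keep hitting the default deny are devices nobody has written a rule for.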

AI to help with defense

Nonetheless, experts including Kindervag agree AI has a role to play in wireless security. 

“AI is going to expose vulnerabilities and allow us to patch those before attackers can exploit them, to get ahead of vulnerability-to-exploit curve,” he says. “It’ll incentivize people to take patching seriously.”

“AI has to be looked at as the de facto standard going forward for wireless security,” Kerravala says. “It’s a good way to troubleshoot.” That includes leveraging AI’s ability to detect traffic patterns that are outside normal human activity, such as in a deauthentication attack. “AI can see things that people can’t, including even the slightest degradation of performance or other things that are out of the norm.”

DePuy agrees and notes vendors, including Cisco, Extreme Networks, HPE, Juniper, and Ruckus Networks, are bringing such AI capabilities into their cloud management systems. Such systems extend AI troubleshooting capabilities across both wireless and wired networks. “These systems are improving very fast,” he says. “It’s stunning what the plans are,” in terms of using AI to do proactive scans of campus networks and identify issues before they become problems.

Segmentation and zero trust offer sound defense

Companies don’t need to rely solely on AI, however. As Kindervag makes clear, segmentation can also be effective in wireless security, although opinions vary as to how effective. Illumio argues that sound policies can ensure any user is only allowed to access resources for which they are specifically authorized, which would leave intruders in the cold.

Others question how practical segmentation is in instances like the oil and gas company that doesn’t have a good handle on where all of its OT devices are, or in dynamic environments.

“I do think micro-segmentation is a way forward, but in highly dynamic environments, it gets very difficult to track all those different devices, especially ones that move around a lot,” Kerravala says. “That’s where AI can help. It can give you a report and help you understand this device moved to this network, this segment’s got to be extended, or hopefully it can automate the whole process.”

There’s also plenty of agreement that a zero-trust architecture can be effective for wireless security. With zero trust, each device and user must be authenticated and authorized to access each specific resource they are attempting to reach.

“It’s a mandatory part of large-scale networks,” Kerravala says. “Zero trust to me is the most scalable way to do it. It takes a while to set up, but every time a device connects to the wireless network, it must prove its identity and health.”

Kindervag, of course, agrees, noting that techniques like zero trust are imperative for securing something as ubiquitous as Wi-Fi. That’s especially true since he says Wi-Fi wasn’t originally intended for enterprise use and thus wasn’t designed with security in mind.

“But everybody wants it,” he says. “In Maslow’s hierarchy of needs, the number one thing before food and shelter is Wi-Fi.”

