KRACK Attack: Serious Wi-Fi Vulnerability discovered

KRACK Attack: Serious Wi-Fi Vulnerability discovered

KRACK Attack: Serious Wi-Fi Vulnerability discovered

Details were released publicly on the morning of Monday 16th October 2017 of a newly-discovered and serious vulnerability in the WPA wireless network security protocol. This exploitable flaw has been dubbed the KRACK Attack (Key Reinstallation Attack).

Essentially, this attack targets the 4-way WPA “handshake”, which is a two-way communication process undertaken each time a Wi-Fi device such as a laptop or phone connects with a Wi-Fi Access Point (such as a Wi-Fi-enabled router). By disrupting this handshake, an attacker can cause the same cryptographic key to be reused repeatedly, allowing for the decryption of information travelling between the Access Point and a connected device.

The KRACK attack targets Wi-Fi clients connecting to Access Points rather than Access Points themselves. Thus, the attack does not retrieve the Access Point’s Wi-Fi password, unlike other Wi-Fi attacks. While periodically changing an Access Point’s password is general good practice, it unfortunately does not mitigate the KRACK Attack in any way. Additionally, updating Wi-Fi connected-device operating systems (such as Android and iOS) should take priority over updating router firmware.

Important Points to Know:

  1. The KRACK Attack flaw exists within the WPA protocol itself and not in particular hardware or software products
  2. The KRACK Attack exists in various forms which target different WPA handshakes occurring in different situations
  3. Android, Linux and OpenBSD devices are especially vulnerable to the KRACK Attack but all operating systems are vulnerable to one form or another of the attack
  4. Both WPA2 and the older WPA are vulnerable, including personal and enterprise (corporate) WPA/WPA2 networks

What To Do:

Check the websites of the vendors for all of your operating systems (including mobile devices) to determine if a patch to counter the KRACK has been released. If no such patch is currently available, keep a close eye on anything from the vendor which would indicate a timescale for such a patch and ensure that you revisit the website at that time.

Think about disabling WPA/WPA2 Wi-Fi networks if they are not absolutely necessary, until patches become widely-available.

Take the first step towards the next generation of cyber security, contact Hedgehog Cyber security.

Pin It

Comments are closed.