Emerging Threat: KRACK network security vulnerability

17 Oct 2017

Emerging Threat: KRACK network security vulnerability

Do you think your wireless network is secure because you're using WPA2 encryption? If yes, think again!
 
A vulnerability called KRACK (Key Reinstallation Attack) has been found within the 4-way handshake process which takes place when a device attempts to connect to a wireless network. 
 
Many devices are left at risk since the flaw is in the WPA2 protocol itself meaning the attack will work on all devices using a Wi-Fi network and is not OS dependent. While some routers may receive updates against the KRACK, many will be left unpatched.

So, what does this means for you, the end user?

  • Your Wi-Fi is now quite possibly just a few days from being as secure as the open hotspot in your local coffee shop. 
  • A potential attacker, given enough time, will be able to eavesdrop on whatever is being sent on your Wi-Fi network and possibly even hijack connections.

What Is Affected
This attack impacts all devices using Wi-Fi, such as smart computers, smart phones, access points, IoT devices, etc. Some devices are impacted more than others. It is important to mention that 41% of Android devices are considered vulnerable to the most severe case of the attack.

Technical Description
The attack targets the four-way handshake of WPA2. It is carried out when the client attempts to join a Wi-Fi network that is protected and confirms that the client and access point have the necessary credentials to establish a connection. Simultaneously, the handshake establishes a new encryption key that will be used in the encrypting of future traffic. An advershttps://exchange.xforce.ibmcloud.com/collection/396ecb6880625d6e58dd7636b7c8e8fdary that is within the proximity of a user can reportedly carry out key reinstallation attacks (manipulation of cryptographic handshakes) which are being coined as KRACKs.

Compromise Impact
If the KRACK attack is successful, it can decrypt and read any information the victim sends (such as login credentials).

Recomendations

  • As device updates become available apply them as soon as possible. It is recommended to ensure that your device is updated with the most recent version currently available as well as the firmware of the router.
  • Another important step to take is to ensure that most of your traffic is secured – E.G.  even on your local network, try to use encrypted connections with strong passwords, such as SFTP instead of FTP and SSH instead of Telnet.

References:
https://exchange.xforce.ibmcloud.com/collection/396ecb6880625d6e58dd7636b7c8e8fd
https://thehackernews.com/2017/10/wpa2-krack-wifi-hacking.html
 
For more information on the topic and our Cyber Security Solutions & Services, please contact us by mail security@birger.technology.

You may also like

27 Oct 2023

BIRGER. Cyber Security Report 2022

BIRGER. is pleased to communicate the results of its Annual Cyber Security Survey.

Read More

23 Nov 2020

End-of-Year Office Closing Dates

BIRGER. offices will be closed on 24th, 31st December 2020 and from 4th to 8th January 2021.

Read More

19 Apr 2023

BIRGER. 70th Anniversary

The 3rd NewsIT of our series of 11 articles to mark our 70th anniversary.

Read More