17 Oct 2017
Emerging Threat: KRACK network security vulnerability
Do you think your wireless network is secure because you're using WPA2 encryption? If yes, think again!
A vulnerability called KRACK (Key Reinstallation Attack) has been found within the 4-way handshake process which takes place when a device attempts to connect to a wireless network.
Many devices are left at risk because the flaw is in the WPA2 protocol itself, meaning the attack works against all devices using a Wi-Fi network and is not OS dependent. While some routers may receive updates against KRACK, many will be left unpatched.
So, what does this mean for you, the end user?
- Your Wi-Fi is now quite possibly just a few days from being as secure as the open hotspot in your local coffee shop.
- A potential attacker, given enough time, will be able to eavesdrop on whatever is being sent on your Wi-Fi network and possibly even hijack connections.
What Is Affected
This attack impacts all devices using Wi-Fi, such as computers, smartphones, access points, IoT devices, etc. Some devices are impacted more than others. It is important to mention that 41% of Android devices are considered vulnerable to the most severe case of the attack.
Technical Description
The attack targets the four-way handshake of WPA2. The handshake is carried out when a client attempts to join a protected Wi-Fi network, and it confirms that the client and access point both hold the necessary credentials to establish a connection. At the same time, the handshake establishes a new encryption key that will be used to encrypt subsequent traffic. An adversary within proximity of a user can reportedly carry out key reinstallation attacks (manipulation of cryptographic handshakes), which have been named KRACKs.
Compromise Impact
If the KRACK attack is successful, the attacker can decrypt and read any information the victim sends (such as login credentials).
Recommendations
- As device updates become available, apply them as soon as possible. Make sure that your device is running the most recent version currently available, and that the router's firmware is up to date as well.
- Another important step is to ensure that most of your traffic is secured: for example, even on your local network, try to use encrypted connections with strong passwords, such as SFTP instead of FTP and SSH instead of Telnet.
For more information on the topic and our Cyber Security Solutions & Services, please contact us by mail security@birger.technology.