Emerging Threat: KRACK network security vulnerability

17 Oct 2017

Emerging Threat: KRACK network security vulnerability

Do you think your wireless network is secure because you're using WPA2 encryption? If yes, think again!
 
A vulnerability called KRACK (Key Reinstallation Attack) has been found within the 4-way handshake process which takes place when a device attempts to connect to a wireless network. 
 
Many devices are left at risk since the flaw is in the WPA2 protocol itself meaning the attack will work on all devices using a Wi-Fi network and is not OS dependent. While some routers may receive updates against the KRACK, many will be left unpatched.

So, what does this means for you, the end user?

  • Your Wi-Fi is now quite possibly just a few days from being as secure as the open hotspot in your local coffee shop. 
  • A potential attacker, given enough time, will be able to eavesdrop on whatever is being sent on your Wi-Fi network and possibly even hijack connections.

What Is Affected
This attack impacts all devices using Wi-Fi, such as smart computers, smart phones, access points, IoT devices, etc. Some devices are impacted more than others. It is important to mention that 41% of Android devices are considered vulnerable to the most severe case of the attack.

Technical Description
The attack targets the four-way handshake of WPA2. It is carried out when the client attempts to join a Wi-Fi network that is protected and confirms that the client and access point have the necessary credentials to establish a connection. Simultaneously, the handshake establishes a new encryption key that will be used in the encrypting of future traffic. An advershttps://exchange.xforce.ibmcloud.com/collection/396ecb6880625d6e58dd7636b7c8e8fdary that is within the proximity of a user can reportedly carry out key reinstallation attacks (manipulation of cryptographic handshakes) which are being coined as KRACKs.

Compromise Impact
If the KRACK attack is successful, it can decrypt and read any information the victim sends (such as login credentials).

Recomendations

  • As device updates become available apply them as soon as possible. It is recommended to ensure that your device is updated with the most recent version currently available as well as the firmware of the router.
  • Another important step to take is to ensure that most of your traffic is secured – E.G.  even on your local network, try to use encrypted connections with strong passwords, such as SFTP instead of FTP and SSH instead of Telnet.

References:
https://exchange.xforce.ibmcloud.com/collection/396ecb6880625d6e58dd7636b7c8e8fd
https://thehackernews.com/2017/10/wpa2-krack-wifi-hacking.html
 
For more information on the topic and our Cyber Security Solutions & Services, please contact us by mail security@birger.technology.

You may also like

30 Apr 2021

Organisations must adapt their Cyber Defense strategies to the new realities following Covid-19.

With Covid-19, the priority of organisations was to ensure the continuity of their operations. They had to implement new operating models without the usual validations.

Read More

20 Jul 2017

ATM's 50th Anniversary

ATM celebrated its 50th anniversary, since the first installation by Barclays Bank in London.

Read More

28 May 2020

Free Phishing Campaign to enhance Cyber Security Awareness

Phishing attacks have considerably increased following the current global situation and are among the most prevalent threats in our region.
 

Read More