WPA2 Security Flaw “KRACK” Puts Wi-Fi Devices at Risk by: David Page - SecurityMetrics
October 10, 2017
What you need to know about the "KRACK Attack" vulnerability By: David Page Security Analyst CISSP, QSA If you haven’t already heard, security researcher Mathy Vanhoef recently discovered a serious vulnerability, dubbed “KRACK,” within the current industry standard encryption protocol "Wi-Fi Protected Access II" (WPA2). WPA2 encrypts traffic on all modern Wi-Fi networks, so any device connected to Wi-Fi could be affected. On October 16, 2017, this vulnerability was made public. If exploited, it could allow hackers to decrypt and read Wi-Fi-transmitted network traffic in some situations. What you need to know: Watch for patches and updates to be released by Wi-Fi device manufacturers and vendors in the near future. Install updates for all devices and operating systems as soon as available. All affected personal and enterprise Wi-Fi devices will need to be patched eventually. See which vendors are affected and if they have been updated/patched yet. This exploit requires the attacker have access to your wireless network. Organizations will fare better if they’ve architected their critical Wi-Fi networks to limit coverage to intended areas, and followed other Wi-Fi networking best-practices.Since this attack is performed over Wi-Fi, using cellular data or an ethernet cord would remove the risk of KRACK. Also, if you connect using a virtual private network (VPN), that will encrypt all your internet traffic.
Make sure to only share sensitive data on sites with HTTPS encryption.
Changing a Wi-Fi password or replacing your router won’t stop KRACK Attacks. This issue is not related to devices themselves.
Android and Linux devices are most easily affected. Most versions of iOS and Windows are only vulnerable when using non-typical multicast communications on a wireless network. What does KRACK stand for?
Vanhoef coined the acronym “KRACK” to stand for “key reinstallation attack.”
How does a key reinstallation attack work?
The WPA2 protocol currently employs a “4-way handshake,” which confirms that both the client and access point have the correct credentials (a password), while at the same time creating a fresh (never used) encryption key that will be used to encrypt all subsequent traffic.
In a key reinstallation attack, a hacker would manipulate and replay the cryptographic handshake messages to trick a victim into reinstalling an already-in-use encryption key. Because the attacker forces reuse in this manner, the encryption protocol can be attacked, e.g., packets can be replayed, decrypted, and/or forged.
Source: http://blog.securitymetrics.com/2017/10/WiFi-KRACK-Security-Bulletin.html