Strategic Profits Inc

WPA2 Security Flaw “KRACK” Puts Wi-Fi Devices at Risk by: David Page - SecurityMetrics

Oct 26, 2017

What you need to know about the "KRACK Attack" vulnerability By: David Page Security Analyst CISSP, QSA If you haven’t already heard, security researcher Mathy Vanhoef recently discovered a serious vulnerability, dubbed “KRACK,” within the current industry standard encryption protocol "Wi-Fi Protected Access II" (WPA2). WPA2 encrypts traffic on all modern Wi-Fi networks, so any device connected to Wi-Fi could be affected. On October 16, 2017, this vulnerability was made public. If exploited, it could allow hackers to decrypt and read Wi-Fi-transmitted network traffic in some situations. What you need to know: Watch for patches and updates to be released by Wi-Fi device manufacturers and vendors in the near future. Install updates for all devices and operating systems as soon as available. All affected personal and enterprise Wi-Fi devices will need to be patched eventually. See which vendors are affected and if they have been updated/patched yet. This exploit requires the attacker have access to your wireless network. Organizations will fare better if they’ve architected their critical Wi-Fi networks to limit coverage to intended areas, and followed other Wi-Fi networking best-practices.
Since this attack is performed over Wi-Fi, using cellular data or an ethernet cord would remove the risk of KRACK. Also, if you connect using a virtual private network (VPN), that will encrypt all your internet traffic.

Make sure to only share sensitive data on sites with HTTPS encryption.

Changing a Wi-Fi password or replacing your router won’t stop KRACK Attacks. This issue is not related to devices themselves.
Android and Linux devices are most easily affected. Most versions of iOS and Windows are only vulnerable when using non-typical multicast communications on a wireless network. What does KRACK stand for?

Vanhoef coined the acronym “KRACK” to stand for “key reinstallation attack.”

How does a key reinstallation attack work?

The WPA2 protocol currently employs a “4-way handshake,” which confirms that both the client and access point have the correct credentials (a password), while at the same time creating a fresh (never used) encryption key that will be used to encrypt all subsequent traffic.

In a key reinstallation attack, a hacker would manipulate and replay the cryptographic handshake messages to trick a victim into reinstalling an already-in-use encryption key. Because the attacker forces reuse in this manner, the encryption protocol can be attacked, e.g., packets can be replayed, decrypted, and/or forged.
Source: http://blog.securitymetrics.com/2017/10/WiFi-KRACK-Security-Bulletin.html

Previous Posts

Feb 07.17 | Payment Processing 101: What your Nonprofit needs to Know

Payment Processing 101: What your Nonprofit needs to Know read more

Jun 13.16 | World Refugee Day, June 20, 2016

read more

Apr 28.16 | Cybercrime as Big Business by e as Big Business Sue Marquette Poremba - April 25, 2016

read more

Aug 24.15 | Phishing in the Healthcare ‘Pond’: Going Beyond the Baseline of Social Engineering -By Sara Heath on August 21, 2015Coalfire/HealthIT Security

read more

Aug 11.15 | The Dark Web! Shining the Light into the Dark obviously eliminates the Dark! Shine brightly!

read more

Jul 27.15 | Should a QSA and the Merchant be held liable for security breaches! LOL Seriously!

read more

Jun 04.15 | The Right Dose of Exercise for a Longer Life By Gretchen Reynolds

read more

Apr 27.15 | Donate now for NEPAL disaster relief to Humanitarian Coalition and Wateraid

read more

Apr 27.15 | Canadian government to match donations to new Nepal earthquake relief fund - @CityNews

read more

ARCHIVE