What’s the big deal?
Mathy Vanhoef of imec-DistriNet, KU Leuven has discovered a serious weakness in WPA2, a protocol that secures all modern protected Wi-Fi networks. Vanhoef has released a whitepaper, a video example of an attack, created a thorough website explaining the vulnerability, and will be releasing proof of concept exploit code soon.
This is an attack against Wi-Fi, and affects current modern implementations of WPA2 and previous, both on devices that have wireless NICs (phones, computers, etc) and wireless access points (routers).
This is not an attack against WPA2 encryption directly, merely most implementations of it. As such, supported devices that can be upgraded will probably receive a patch. WPA2 encryption itself is not broken.
Devices that cannot be upgraded will need to be replaced, this includes many unsupported IoT devices, older routers, EoL (End of Life) mobile devices, and legacy computer hardware.
The vulnerability lets an attacker that is physically close to victims and routers create a Man-in-the-Middle (MitM) attack and decrypts data as it’s sent over the air. As such, this risk should be evaluated by the individual organization and used in context their risk model.
Mitigation Tactics for this vulnerability include:
- Patch your devices as soon as a patch is available (phone, computer, router).
- Replace devices that cannot be patched with a supported device that are not prone to this attack (when they become available).
- Consider access controlled segmentation of the wireless network from the internal network and use wireless implementations that are resistant to MitM and AP spoofing attacks.
- Use HTTPS where possible and check for the HTTPS symbol when entering credentials.
- Use modern HTTPS (TLS) implementations that are resistant to SSL strip attacks.
Main site: https://www.krackattacks.com/
Demo video of exploit: https://www.youtube.com/watch?time_continue=1&v=Oh4WURZoR98
Vanhoef’s GitHub Page: https://github.com/vanhoefm/krackattacks
- Consumer Education(39)
- Consumer Stories(2)
- Cybersecurity Consulting(10)
- Data Breaches(15)
- Data Privacy(43)
- Incident Response(9)
- MDR Services(64)
- Penetration Testing(16)
- Press Release(61)
- Research Report(9)
- Security Assessments(16)
- Thought Leadership(17)
- Threat Hunting(9)
- Vulnerability Disclosure(3)