In case you haven’t heard the news, a brand-new Wi-Fi security flaw has enabled hackers to eavesdrop (and do worse) on your Wi-Fi networks, putting almost every wireless-enabled device in the world at risk of attack. This “key” Wi-Fi security vulnerability, discovered by Belgian researcher Mathy Vanhoef of KU Leuven University, was revealed in information he released over the weekend about the attack, which he has called KRACK (for Key Reinstallation Attack).
Vanhoef’s description of the security flaw on his KRACK website is startling: “This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on.
“The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.”
Vanhoef said the weakness lies in the protocol’s four-way “handshake,” which securely allows new devices with a pre-shared password to join a given wireless network.
That weakness can, at its worst, allow an attacker to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream.
In other words: This flaw, if exploited, gives an attacker a skeleton key to access any WPA2 network without a password. Once they’re in, they can eavesdrop on your network traffic.
The bug represents a complete breakdown of the WPA2 protocol, for both personal and enterprise devices — putting every supported device on a network at risk.
“If your device supports Wi-Fi, it is most likely affected,” said Vanhoef, on his website.
But because the discoverer of the “KRACK” Wi-Fi security vulnerability hasn’t released any proof-of-concept exploit code, there’s little risk of immediate or widespread attacks.
News of the Wi-Fi security vulnerability was later confirmed on Monday by US Homeland Security’s cyber-emergency unit US-CERT, which about two months ago had confidentially warned vendors and experts of the bug.
It affects a core encryption protocol, Wi-Fi Protected Access 2 (WPA2), relied on by most Wi-Fi users to keep their web use hidden and secret from others. More specifically, the KRACK attack allows a hacker to trick a victim into reinstalling an already-in-use key.
Every key should be unique and not re-usable, but a flaw in WPA2 means a hacker can tweak and replay the “handshakes” carried out between Wi-Fi routers and devices connecting to them; during those handshakes, encryption keys made up of algorithmically-generated, one-time-use random numbers are created.
It turns out that in WPA2, it’s possible for an attacker to manipulate the handshakes so that the keys can be reused and messages silently intercepted.
The researchers, who said the attack was particularly severe for Android and Linux users, show how devastating an attack could be in this demonstration video.
The attacks on Google’s Android are made simpler by a coding error, where an attacker will know the key just by forcing a reinstallation. That’s because the operating system uses what’s known as an “all-zero encryption key” when the reinstallation is initiated, which is easier to intercept and use maliciously.
As for how widespread this Wi-Fi security issue is, it appears almost any device that uses Wi-Fi is affected. “The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products [and devices] as soon as security updates become available.
“Note that if your device supports Wi-Fi, it is most likely affected.
“During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others are all affected by some variant of the attacks,” explained Vanhoef.
The warning came at around the time of the Black Hat security conference, when Vanhoef presented a talk on networking protocols, with a focus on the Wi-Fi handshake that authenticates a user joining a network.
The cyber-emergency unit has since reserved 10 common vulnerabilities and exposures (CVE) records for the various vulnerabilities.
Cisco, Intel, Juniper, Samsung, and Toshiba are among the companies affected.
At its heart, the flaw is found in the cryptographic nonce, a randomly generated number that’s used only once to prevent replay attacks, in which a hacker impersonates a user who was legitimately authenticated.
In this case, a cyber-attacker can trick a victim into reinstalling a key that’s already in use. Reusing the nonce can allow an adversary to attack the encryption by replaying, decrypting, or forging packets.
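A simplified model of the key reinstallation and nonce reuse described above, added here as an illustration and not taken from Vanhoef's research or any vendor's code. The `Client` class, its method names and the SHA-256 keystream (a stand-in for WPA2's AES-based cipher) are assumptions, and the sample packets are constructed; it contrasts a client that resets its packet counter whenever the handshake's third message is replayed with a patched client that keeps its counters when the key is already installed.

```python
import hashlib

def keystream(key: bytes, nonce: int, n: int) -> bytes:
    # Stand-in for WPA2's AES-based cipher (assumption): like it, the
    # keystream depends only on the key and the per-packet nonce.
    out, block = b"", 0
    while len(out) < n:
        seed = key + nonce.to_bytes(6, "big") + block.to_bytes(4, "big")
        out += hashlib.sha256(seed).digest()
        block += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Client:
    """Toy Wi-Fi client key-install logic (hypothetical, not real driver code)."""
    def __init__(self, patched: bool):
        self.patched, self.key, self.packet_number = patched, None, 0

    def on_handshake_msg3(self, key: bytes) -> None:
        # Message 3 is legitimately retransmitted when message 4 is lost.
        if self.patched and key == self.key:
            return                    # fix: key already in use, keep counters
        self.key = key
        self.packet_number = 0        # installing a key resets the nonce

    def send(self, plaintext: bytes):
        self.packet_number += 1
        nonce = self.packet_number
        return nonce, xor(plaintext, keystream(self.key, nonce, len(plaintext)))

def simulate(patched: bool):
    """Return (nonce_reused, second_packet_recoverable_without_key)."""
    key = hashlib.sha256(b"constructed session key").digest()
    p1 = b"GET /index.html "          # constructed packet with known content
    p2 = b"password=hunter2"          # constructed packet with secret content
    client = Client(patched)
    client.on_handshake_msg3(key)
    n1, c1 = client.send(p1)
    client.on_handshake_msg3(key)     # replayed message 3
    n2, c2 = client.send(p2)
    # With a repeated nonce, c1 XOR c2 == p1 XOR p2, so known p1 reveals p2.
    recovered = xor(xor(c1, c2), p1)
    return n1 == n2, recovered == p2

if __name__ == "__main__":
    print("unpatched:", simulate(False))
    print("patched:  ", simulate(True))
```

The unpatched client encrypts two different packets under the same key and nonce, which is why the second one can be read without ever learning the key; the patched client never repeats a nonce, so the same calculation yields nothing useful.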
Supported versions of Microsoft Windows (7, 8 and 10) and the latest versions of Apple’s iOS are largely immune from the flaws, according to security researcher Kevin Beaumont, in a blog post.
However, Vanhoef said the Wi-Fi security issue is “exceptionally devastating” for Android 6.0 Marshmallow and above.
“The key to protecting against KRACK attacks on a wireless network, for the time being until patches are released and applied, is to not rely on the encryption built into the wireless network. Instead, utilize only SSL encrypted websites (look for a green lock and the word “Secure” on the left-hand side of the address bar when you load a website, and for a website address beginning with https:// not http://), or utilize a VPN.
Note: This impacts wireless devices using WiFi, not your workstation or laptop that is using a wired Ethernet connection.”
“The core of the attack, hence its name, is that the attacker tricks the connected party into reinstalling an already-in-use key,” said Alan Woodward, a professor at the University of Surrey.
Despite the objection many have to branded, or popularized vulnerabilities – Heartbleed, Shellshock, and Poodle to name a few – many renowned security and cryptographic experts are warning not to underestimate the severity of this latest, universal Wi-Fi security vulnerability.
“It’s not a trivial attack,” said Woodward. He warned that the scale of the attack is “huge.”
It’s not the first attack that’s hit WPA2. WPA2 was developed, ironically, as a way to replace a similar protocol, WEP, which was cracked just a few years after its debut in 1997.
Several researchers, including Vanhoef, have demonstrated valid attacks against the protocol. By far the most notable was in 2011 when a security researcher showed that an attacker could recover the code used in Wi-Fi Protected Setup, a feature that let users authenticate with a one-push button on the router, which could be easily cracked.
(Source Credit: ZDNet.com)
There’s no need to add to your current stress levels with this. It’s all about awareness and taking action.
In this case, just contact an Apex Technology Management consultant at (800) 310-2739 or email us at firstname.lastname@example.org for a vulnerability assessment of your network toward helping you patch up this universal Wi-Fi security vulnerability where it applies to your business venture and peace of mind!