WPA2 Wi-Fi Protocol Flaw Exposes Eavesdropping Potential: Just Say No To KRACK!
Frightening news just in time for Halloween hit the IT sector on Sunday — a security issue inherent to the WPA2 Wi-Fi protocol has been identified and is bouncing all over the Inter-web. The disclosure about the high-severity vulnerabilities that potentially allow intruders to eavesdrop on Wi-Fi traffic passing between computers and access points will be hitting the public and filtering down to operations and management teams as the week goes on. The exploit may also make it possible to forge Dynamic Host Configuration Protocol settings, opening the door to hacks involving users’ domain name service.
The potential exploit is called a KRACK attack, short for Key Reinstallation Attacks. Formal alert bulletins have been making the rounds:
“US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.”
Several cloud-based access point manufacturers supposedly already have updates available to patch and mitigate the potential vulnerability. Other cloud providers will follow suit as they release their own software updates to fix the problem. There is no guidance, direction or projection on how the vast number of traditional non-cloud managed access points will be updated.
Manufacturers, along with their PR teams and security teams on the client side, will be scrambling on this one, and there is more info to be released as it becomes available. Here’s what you can do in the meantime. Besides the not-so-realistic recommendation of avoiding Wi-Fi wherever possible until patches are in place, use HTTPS, STARTTLS, Secure Shell and other protocols to encrypt your web and e-mail traffic. As a fall-back, use a virtual private network as an extra safety measure.
Call 512.374.0801 or email us if you’re worried about your network security or how to navigate issues like these! We provide umbrella IT management services all over the US from our Austin headquarters.