Time to Update all the Wi-Fi Things

in #security7 years ago

Who knew my second post would be so short after my first one.  As some of you have read in my introduction post I am in the cyber security field as a consultant.  I have spent the majority of today reading and learning about a brand new vulnerability against WPA2 Wi-Fi encryption called Key Reinstallation Attack (or KRACK as it's known in the community).  And let me tell you what, this is probably one of the worst vulnerabilities I've seen in a while.

What is KRACK?

At its core, KRACK is a vulnerability in the implementation of WPA2, which is the Wi-Fi encryption algorithm that almost everyone uses nowadays to protect the confidentiality of their wireless network.

KRACK exploits the WPA2 4-way handshake, which is the method that a host and router use to securely share a secret encryption key.  Each time the host connects to a network, a fresh key is shared and installed for that session.  By sending a victim host specially crafted Wi-Fi packets, the attacker can get the host to reuse a previously used key.  This is possible because there is currently no method to guarantee that a key cannot be used more than once.

What does this mean for the security of our Wi-Fi?

Well, essentially this means that if an attacker is within Wi-Fi range of your host, they could potentially decrypt the packets on your network.  In some instances, the researchers were able to even manipulate the data on the network using a man-in-the-middle attack.  However, this attack does not reveal your Wi-Fi password, so there is no need to change your network's Wi-Fi password.

It's important to note that if an adversary were able to conduct this attack against you, they would not be able to see any data that is encrypted by HTTPS or a VPN.  This is why I recommend that everyone use a privacy encrypting VPN (such as PIA; this is not an affiliate link).  Along with that, I suggest using the EFF's HTTPS Everywhere plugin to ensure that you are using HTTPS in every instance.

On a final note, make sure that you are watching for updates to any devices that use Wi-Fi; a lot of the manufacturers will be issuing patches to fix this vulnerability in the coming weeks.  Ensure that you are logging in to your router to check if there are any updates and that you are installing updates on your laptops, desktops, phones, and tablets.

The researchers that found this vulnerability haven't released the exploit code yet to give device manufacturers time to patch the vulnerability.  However, that won't stop someone else from trying to recreate the code themselves.  I plan on downloading the code once they release it to play with the vulnerability.  If you'd like to read more you can visit the vulnerabilities website at https://krackattacks.com or you can download their white paper here.

They have also released a YouTube video displaying how easy it is to exploit the vulnerability and the impact of the exploit.  I highly recommend watching it, as they do a pretty good job explaining how the exploit works.

Sort:  

Congratulations @kslo! You have completed some achievement on Steemit and have been rewarded with new badge(s) :

Award for the number of upvotes

Click on any badge to view your own Board of Honor on SteemitBoard.
For more information about SteemitBoard, click here

If you no longer want to receive notifications, reply to this comment with the word STOP

By upvoting this notification, you can help all Steemit users. Learn how here!

Congratulations @kslo! You have completed some achievement on Steemit and have been rewarded with new badge(s) :

Award for the number of comments

Click on any badge to view your own Board of Honor on SteemitBoard.
For more information about SteemitBoard, click here

If you no longer want to receive notifications, reply to this comment with the word STOP

By upvoting this notification, you can help all Steemit users. Learn how here!