KRACK Wi-Fi exploit: How to cut your risk

Stephen Gates, Chief Research Intelligence Analyst, Zenedge

Recently, researchers discovered a new vulnerability in a low-level protocol used in Wi-Fi networks across the globe. What they uncovered is extremely serious: a severe flaw in the WPA2 encryption protocol that leaves Wi-Fi connections incredibly vulnerable to traffic sniffing and man-in-the-middle attacks.

The researchers went on to prove that this vulnerability is easily exploitable; the recently demonstrated attack is the first known attack that affects WPA2 encryption.


What it is, what it means

The attack itself, known as a key reinstallation attack (KRACK), allows a capable attacker to hijack and inject malicious data into supposedly secure transmissions between a client and a WPA2-enabled Wi-Fi access point (AP). During a supposedly secure session, attackers can abuse the vulnerability to sniff traffic, steal private information, inject ransomware or malware into the website that the victim is visiting, and take other serious actions. 

The most alarming problem is that all organizations using WPA2 are affected and at risk.

While potentially anyone using WPA2 is at risk, one of the biggest takeaways from the research is that an attacker must be within range of a victim to use KRACK to exploit these weaknesses. The exploit has not been shown to be remotely executable, and an attacker must be physically near the target victim as well as the victim's Wi-Fi network. As such, this makes KRACK a highly targeted attack vector and not a pseudo-random attack, like self-spreading malware and ransomware epidemics.

The big problem is that the vulnerability is in the actual "protocol standard" itself and could likely have significant fallout, since there are millions of susceptible Wi-Fi networks. Several widely used operating systems are vulnerable as well. These devices will likely take a considerable amount of time to patch.

Just think about the reach: Every school, coffee shop, restaurant, shopping mall, airport, train, and business that uses Wi-Fi with WPA2 enabled is likely vulnerable to KRACK.

How to mitigate the attack

To reduce your risk exposure to KRACK, follow these steps. 

Take stock

Assess all your Wi-Fi networks and access points and apply patches immediately. If any device manufacturer has failed to provide timely patches for vulnerable systems, replace those systems with technology from vendors whose products no longer have the vulnerability. Any organization using WPA2 should engage in an in-depth review of its defenses and prioritize patch management.

Locate all Wi-Fi access points

Continue to mitigate risk by taking inventory of and accounting for every Wi-Fi access point under your control within your location, campuses, stores, retail outlets, etc. If one access point is left unpatched—for instance, in a single retail outlet—then both the organization and its customers are at risk of being exploited within that environment. Often, it's the weakest link in a chain that causes the greatest calamity.
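The inventory and patch review described in the two steps above can be automated. The following is an added example, not part of the original article: it triages a constructed access-point inventory into "ok", "patch", or "replace" and marks a whole site as exposed if any single AP still needs action. The CSV columns, site names, vendor names, and firmware versions are all assumptions made for illustration, and firmware versions are assumed to be dotted numbers.

```python
import csv
import io
from collections import defaultdict

# Constructed inventory (not real devices): site, AP name, vendor, running
# firmware, and the first firmware version the vendor says contains the KRACK
# fix. An empty fixed_in means the vendor has not offered a fix.
SAMPLE_INVENTORY = """\
site,ap,vendor,firmware,fixed_in
HQ,hq-ap-01,VendorA,8.5.2,8.5.2
HQ,hq-ap-02,VendorA,8.5.3,8.5.2
Store-17,st17-ap-01,VendorA,8.10.0,8.5.2
Store-17,st17-ap-02,VendorB,3.1.9,3.2.0
Kiosk-4,k4-ap-01,VendorC,1.0.4,
"""

def version_key(text):
    """Turn '8.10.0' into (8, 10, 0) so 8.10 compares above 8.5.
    A plain string comparison would wrongly rank '8.10.0' below '8.5.2'."""
    return tuple(int(part) for part in text.strip().split("."))

def triage(row):
    """Return 'ok', 'patch' or 'replace' for one access point."""
    if not row["fixed_in"].strip():
        return "replace"  # no vendor fix available: plan a replacement
    if version_key(row["firmware"]) >= version_key(row["fixed_in"]):
        return "ok"
    return "patch"

def audit(inventory_csv):
    """Map every site to the APs that still need action.
    A site with a non-empty list is exposed, however many of its APs are fine."""
    findings = defaultdict(list)
    sites = set()
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        sites.add(row["site"])
        action = triage(row)
        if action != "ok":
            findings[row["site"]].append((row["ap"], action))
    return {site: findings.get(site, []) for site in sorted(sites)}

if __name__ == "__main__":
    for site, todo in audit(SAMPLE_INVENTORY).items():
        print(f"{site}: {'EXPOSED' if todo else 'clean'}")
        for ap, action in todo:
            print(f"  {ap}: {action}")
```

Feed it an export from your own asset database or wireless controller, with the fixed-in version taken from each vendor's security advisory.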

Secure your sessions

Weaknesses in network encryption protocols such as WPA2 emphasize the importance of securing sessions in general, and web sessions in particular. Most organizations are aware of the importance of SSL/TLS, yet many sites do not secure their browsing sessions. In addition, many consumers are not mindful of when web sessions are encrypted, and many lack the education to know how to detect bogus or potentially dangerous websites.

Be aware—everywhere

Most business travelers jump on and off Wi-Fi networks when on the road without even thinking about the risk they are taking. Not only are travelers conducting business, they're often checking their financial accounts, making purchases, reserving their next travel arrangements, and submitting expense reports. A hacker in close proximity can monitor every transaction made if the Wi-Fi networks are vulnerable to KRACKs.

The Ethernet cable in the hotel room may be a safer bet than the hotel's free Wi-Fi.

Make sure you are educating your employees on best practices when they're conducting business on the road.

Not only should travelers (and consumers) be concerned about connecting to Wi-Fi networks while on the road, but they should also be skeptical of Wi-Fi-connected point-of-sale (POS) terminals. Many commercial vendors—retail outlets, gas stations, restaurants, etc.—have moved away from hard-wired Ethernet POS terminals and now opt for Wi-Fi POS devices. These are also likely vulnerable to attacks.

Be careful out there

Education and awareness are key to preparing for attacks. Researcher Mathy Vanhoef has posted information about the KRACK attack to allow interested individuals to learn more about the hack and how to protect their networks. And because this is a recent discovery, free and readily available attack tools and exploit kits are likely to include KRACK in their next releases if they have not done so already.

In the meantime, the tips above will help businesses and consumers alike be more aware of their security vulnerabilities and better prepare for attacks. The old saying "You can never be too careful" is definitely true in this case.

