Understanding KRACK WPA2 Vulnerability
Most businesses and homes automatically check the WPA2 box when setting up their Wi-Fi network—as they should. This protocol has been the industry standard for encrypting information shared over Wi-Fi connections since 2004, and its widespread use is a testament to its trusted performance up to this point. We now know, thanks to Mathy Vanhoef and Frank Piessens at KU Leuven, however, that WPA2 WiFi networks are vulnerable to cryptographic attack.
Why Most Wi-Fi Enabled Devices Are at Risk
The flaw is in the four-way handshake used in WPA2’s protocols, not in any device’s programming. Thus, devices running Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others are all vulnerable.
Where the Problem Occurs
The flaw is what Vanhoef calls a “Key Reinstallation Attack.” To explain, when a user attempts to join a network, there are checkpoints during the different stages in the “handshake” to ensure that the user has the accurate, matching credentials. Once the second checkpoint is passed and during the third point of the handshake, a new, unique encryption key is created. This key is used to open and secure the user’s Wi-Fi session. Here lies the vulnerability: since WPA2 networks are instructed not to fail completely if there’s any disruption during this part of the transaction (after all, disruptions are not uncommon), a hacker can either tamper with, or record and replay this new key, allowing the hacker to reinstall a key that has already been used. This, of course, allows the hacker to read the Wi-Fi traffic between devices and access points. Passwords and all other sensitive information is then at risk. Some even speculate that it can also be exploited to modify and inject malware into websites.
How to Protect Yourself from KRACK WPA2 Vulnerability
Though changing your WPA2 network password will not help with the problem, protecting yourself is possible.
- Know Who Is Accessing Your Wi-Fi: The good news is that a hacker has to be physically near your Wi-Fi network to gain access. This limits the chances and number of hackers who have access.
- Apply Patches As Soon As Possible: Researchers know that the flaw can be patched in a backwards-compatible manner. With this knowledge, companies are quickly responding with the appropriate patches for their products. Armed with this information, it’s important that as soon as a security updates are available they are installed on your
1. Router firmware.
2. Device firmware.
Where Different Companies Stand in Their Response
Not surprisingly, big names have already been working on solutions.
- Microsoft: The company reports that they have already fixed the problem for anyone using supported versions of Windows. They urge users to apply the updates. If their system is already set for automatic updates, they are protected.
- Android and Linux Devices: These are the most vulnerable because they allow hackers to manipulate websites.
- Apple / iOS Devices: At the time of this article, Apple reports that a beta version of their update is patching the flaw. They expect to make the patch public in a few weeks.
The Bottom Line
Running software and firmware updates is critical for maintaining your cyber security. For businesses worried that updates may interfere with productivity or negatively impact communication between programs, a managed IT services company can help. Managed IT service companies can manually perform such updates and patches during non-peak hours and test systems before the work day resumes. The added security and reduced down time easily make up for the costs of such services.
QualityIP is Here to Help
If you’re concerned about your network security, device patching, or any other business IT management issue, give us a call. We’d love to help keep you as secure as possible.