KRACK Security Flaw: What We Need to Know

KRACK Security Flaw: What We Need to Know

Last month, researchers discovered a new weakness found in the WPA2 protocol (Wi-Fi Protected Access 2), the security method which protects all modern Wi-Fi networks, known as the KRACK security flaw. Although there is no evidence at this time that the KRACK vulnerability was maliciously exploited, this still raises many concerns for both personal and enterprise wireless devices.

What is the KRACK Security Flaw?

The KRACK security flaw, which stands for Key Reinstallation Attack, is a vulnerability that allows an attacker to break the encryption between a router and a device, allowing the attacker to eavesdrop on and interfere with network traffic. This means things like passwords, messages, notes, etc., could be intercepted by a malicious attacker, and used to access sensitive information.

The KRACK security weakness exists within what is known as the four-way handshake. This is a network authentication protocol that is used to establish secure wireless authentication. According to information released by the initial researches who discovered the flaw, depending on the type of network connection, an attacker could possibly inject and manipulate data. This could result in injection of malware that could affect both personal and enterprise devices.

What We Know About the KRACK Security Flaw

As previously mentioned, there is no evidence so far suggesting that a malicious attacker has exploited the KRACK security flaw. Additionally, the discovery was withheld from public knowledge until the appropriate vendors were notified and given the opportunity to create new security patches.

Additionally, an attacker attempting to exploit the KRACK security flaw would have to be within physical range of the wireless signal.

According to an article published by Krebs on Security, sensitive information such as email access or bank account information is likely protected with end-to-end SSL encryption (any website using https…) and should not be affected by the KRACK security flaw.

What You Can Do to Protect Against the KRACK Security Flaw

If you or your organization have yet to protect yourself against the KRACK vulnerability, there are a few things you should do today:

  1. Install appropriate vendor patches. Do some research to see what patches have been made available for your devices’ operating systems. Check out the CERT advisory to see if you are affected and if patches are available.
  2. Ensure you are using proper segmentation controls to protect your internal networks from all wireless devices.
  3. If you find there are no available patches for your devices and systems at this time, disable wireless and connect all devices via Ethernet/wired connections.

For more information on how to protect your organization from the KRACK security flaw, contact us today.

More Resources

10 Ways to Conduct Patch Management

Secure Coding Best Practices

Finding and Mitigating Your Vulnerabilities Through OWASP

1 reply

Trackbacks & Pingbacks

  1. […] Morris is a guest blogger from auditor KirkpatrickPrice. The original blog post may be found here. For additional information on security program best practices, visit the Center for Internet […]

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *