WiFi Vulnerability that affects us all

October 21, 2017

On October 16th 2017 a vulnerability in the WiFi Technology WPA2 was discovered. This vulnerability has been dubbed the name "KRACK" which is short for Key Reinstallation Attacks.

 

 

 

Undoubtedly you've seen or heard about KRACK this week... Unless you've been living under a rock. 

 

So what is KRACK?

 

Definition: Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients. 

 

If you want to read the techie details the direct link to CVE HERE and KRACK Webpage HERE

 

A list of devices and vendors affected HERE

 If you read any of that and scratched your head, don't worry I'll summarize

 

WPA2 is the system which handles the passwords and encryption used when connected to a Wireless Router. Most users know it as that pesky password they can't remember but need to know when connecting a new device to your home WiFi. The password acts as a secret greeting between a Client (laptop or smartphone) and a Wireless Access Point or Wireless Router. Attackers clone the Protected WiFi network and forward all internet traffic through their device allowing them to sniff through information being sent over the Internet. 

 

 

For a user or their device to be vulnerable to this exploit several conditions must be met:

  1. The user's computer would need to have a wireless network enabled 

  2. The attacker would need to execute a man-in-the-middle attack to intercept traffic between the targeted device and the Wireless Access Point or Wireless Router. 

  3. The attacker would need to be within physical proximity of the targeted user. If you live in a congested location such as a neighborhood, dorm or apartment there isn't a lot you can do. If you live in a more remote location keep an eye out for a creepy van sitting in your driveway.

 

Here's what we know thus far:

  • WiFi has never been as secure as wired. Problems in WiFi have been going on for years. Back in the day WEP Encryption had MAJOR security issues and the world didn't end then...

  • The big players affected by this vulnerability have know since the end of August 2017.

  • This vulnerability affects Client Devices and not the Wireless Access Points or Wireless Router.

  • Changes your passwords doesn't solve this issue.

  • There is no evidence as of 10-21-2017 that this vulnerability has been used in the wild.

Patching the Vulnerability 

 

Microsoft has patched their end user Operating Systems including Windows 10, Windows 8.1 and Windows 7. In addition Windows Server 2008, Server 2012 and Server 2016 have been patched. 

 

Microsoft Link

 

Apple has stated a patch has been applied to their beta versions of the current Operating Systems and should go public in a few weeks. Thus iOS (iPhones and iPads) and MacOSX (Desktops and Laptops) are still vulnerable. As for AirPort Hardware (Time Machine, AirPort Extreme base station and AirPort Express) a patch is not currently in the works.

 

Apple Link Not Available at this time

 

Android Tablets and Smart Phones are more complex to determine patching. The reason being is Google may release a patch to the vendors who manufacturered these devices. There are A LOT of companies who manufacturer Android devices including Samsung, Sony, LG, HTC, nVidia to name a few. These manufacturers may decide to not pass the patch along to its end users. In addition Cell Phone Carriers have full control on whether updates are pushed to devices as well. Another-words if you have a Samsung Galaxy S7 on Verizon both Samsung and Verizon have to be willing to "play ball". 

 

Android Link Not Available at this time

 

Quick Fixes and Advise

  • For Smart Phones use Mobile Data instead of WiFi

  • Avoid Public WiFi at Airports, Starbucks, Hotels, etc.

  • Ensure websites like banking are HTTPS:\\ 

    • Click HERE for a link explaining HTTPS

  • Hard wire everything with an Ethernet Cable

  • If you're running old equipment with unsupported software it is time to upgrade. 

  • For devices that do not have a patch a VPN Service can be used to secure your connection. I personally recommend Nord VPN (LINK) and Tunnel Bear Giant or Grizzly (LINK) Services. These are paid for subscriptions. Avoid free VPN services.

  • Many Anti-Virus Security Suites offer VPN options as well. 

  • RELAX!

  • Especially paranoid? Move to the woods… It may be time to relocate to a remote cabin in the woods far from any neighbors. I hear Smokey the bear is looking for a new room mate

 

Demonstration

 I will do my best to provide updates to this blog when Patches become available

 

For now here a good resource for Patches: 

http://www.zdnet.com/article/here-is-every-patch-for-krack-wi-fi-attack-available-right-now/ 

 

 

 

Please reload

Featured Posts

Write a Review of Bringing Your Tech to Life

August 22, 2019

1/6
Please reload

Recent Posts

February 27, 2019

January 31, 2019

November 22, 2018

Please reload

Archive