Security experts and researchers have identified and confirmed a severe WPA2 security flaw that could affect literally ANY Wi-Fi connected device, from computers, phones, routers, tablets, and more. The researcher, Mathy Vanhoef, named the bug “KRACKs” for Key Reinstallation Attacks and is based on the 4-way handshake of the WPA2 security protocol.
The morning of October 16, 2017 at 7AM, The Department of Homeland Security Computer Emergency Readiness Team (DHS-CERT) issued Vulnerability Note VU #228519. The vulnerability note describes that WPA2 can be manipulated to induce nonce and session key reuse. An attacker within range of an affected access point and client may leverage the vulnerabilities to conduct attacks.
The attacker could decrypt packets of information and inject malware, hijack the device via TCP connection, and may bypass HTTPS in non-browser software, Apple iOS and OSX, Android Apps, banking apps, and even VPN apps.
Video Demo of KRACKs or Key Reinstallation Attacks
Here’s What to Do with the KRACKs Bug
Major device manufacturers will have to deploy new software and firmware updates. Once they have, Wi-Fi users must update any products that may be affected as soon as security updates are available. The researchers indicated that “if your device supports Wi-Fi, it is most likely affected.”
Think of any device that might be affected from your home computer, to Wi-Fi connected security cameras, your Philips Hue lights and security systems, etc. These devices must be updated and if you can, press the manufacturer for an update on when the software update will be release if it hasn’t already been done!
Try to use your mobile network data while the major Wi-Fi and device manufacturers release patches. If you absolutely must use a Wi-Fi connection, you may want to consider a VPN connection. A reliable VPN application can encrypt all your web traffic, either by HTTPS or HTTP.
Looking for more tips on cybersecurity? Look no further. 10 Tips for Personal Cyber Security.
Vendor’s With Identified Wi-Fi Vulnerability
Here are the vendors that have been currently marked as “affected”. Many more are being added or updated as their status is discovered. Be sure to check this website for updates: Vendor Information for VU#228519
- Aruba Networks
- Espressif Systems
- Fortinet, Inc.
- FreeBSD Project
- Intel Corporation
- Juniper Networks
- Microchip Technology
- Microsoft Corporation
- Red Hat, Inc.
- Samsung Mobile
- Sierra Wireless
- Toshiba Commerce Solutions
- Toshiba Electronic Devices & Storage Corporation
- Toshiba Memory Corporation
- Ubiquiti Networks
- Watchguard Technologies, Inc.
According to Vanhoef, The Wi-Fi Alliance, plans to help remedy the discovered vulnerabilities in WPA2 with the following actions:
- Require testing for this vulnerability within their global certification lab network.
- Provide a vulnerability detection tool for use by any Wi-Fi Alliance member (this tool is based on my own detection tool that determines if a device is vulnerable to some of the discovered key reinstallation attacks).
- Broadly communicate details on this vulnerability, including remedies, to device vendors. Additionally, vendors are encouraged to work with their solution providers to rapidly integrate any necessary patches.
- Communicate the importance for users to ensure they have installed the latest recommended security updates from device manufacturers.