New 'KRACK Attack' Puts All Wi-Fi-Enabled Devices At Risk

Contributor:Jason Koestenblatt
Posted: 10/16/2017

Recent findings announced Monday, October 16, show Wi-Fi-enabled devices across the globe are now at risk of being breached with hackers having the ability to decrypt data in transit.

The KRACK attack, which stands for Key Reinstallation Attacks, was found by Mathy Vanhoef of KU Leuven, a Belgian university, and exploits the WPA2 – essentially the security frame for any Wi-Fi network – allowing hackers to infiltrate a device to see or absorb any information available.

Vanhoef’s findings are harrowing, to say the least.

“Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted,” Vanhoef wrote on his website. “This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.”

While all operating systems are now at risk, Vanhoef pointed to Android and Linux as having the biggest issues, and can be “tricked into (re)installing an all-zero encryption key.”

Even though those systems seem to be more easily accessible, the attack is OS agnostic as it goes after the Wi-Fi security protocol and not any particular device, Vanhoef said. A four-minute tutorial is outlined by Vanhoef in a video below:

The United States Computer Emergency Response Team was made aware, and posted a list of affected vendors Monday morning. The list is not exhaustive, but includes dates those companies were notified and when updates were released, as seen in the snapshot below:
KRACK attack

So how does a business go about protecting its Wi-Fi systems while patches are deployed? According to Vanhoef, this is the best practice for the time being:

“Changing the password of your Wi-Fi network does not prevent (or mitigate) the attack. So you do not have to update the password of your Wi-Fi network. Instead, you should make sure all your devices are updated, and you should also update the firmware of your router. After updating your router, you can optionally change the Wi-Fi password as an extra precaution.”

As previously reported by Enterprise Mobility Exchange, c-level professionals believe they are most at risk and are the biggest target of mobile security attacks. Because of the “always on” mentality of the high-level or c-suite professional, survey respondents said the biggest threats come when executives are outside the office, tapping into public Wi-Fi locations in coffee shops, hotels, and airports.

Find out more details about the KRACK attack with Vanhoef’s findings here.

Jason Koestenblatt
Contributor: Jason Koestenblatt