Wi-Fi Vulnerability Alert for WPA2: KRACKs

By this time, you may have heard about the disclosure of multiple exploitable WiFi protocol vulnerabilities by researcher Mathy Vanhoef.

About the Vulnerability

Researchers discovered a serious weakness in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Attackers can use this technique to read information that was previously assumed to be safely encrypted.

Who is at Risk

The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites. The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys and others are all affected by some variant of the attacks. For more information about specific products, consult the database of CERT/CC or contact your vendor.

Vendor Response

A small number of vendors have prepared hotfixes and software updates to address this vulnerability, releasing them silently or within hours of the announcement. However, many are still working on updates and are beginning to provide timelines to their customers. That said, do not assume that patches will be available for all Wi-Fi-enabled devices for several weeks, months or even at all. It will be critical to review your use of Wi-Fi and inventory all assets. This includes mobile phones, laptops, wireless routers, appliances, Internet of Things (IoT) devices and other commercial infrastructure.

What You Can Do to Protect Yourself

The best guidance at this time is to discontinue the use of Wi-Fi completely until Wi-Fi networks have been successfully patched. If that is not possible, require all users to connect via secure VPN tunnel at all times when on a wireless connection. This will add an additional layer of protection in the event that an adversary is actively attacking the protocol. This is a best practice in general for anyone who connects to public wireless access points. Connections to websites using HTTPS can still be eavesdropped. VPNs are the best available solution. Keep in mind many modern Android and iOS devices are set to auto connect to wireless access points when available. Unless a known patch has been applied, assume that all WPA2-enabled Wi-Fi devices are at risk.