Recently, two Belgian researchers from Vanhoef’s research group at the University of Leuven published details about an attack that affects all devices that support Wi-Fi (so pretty much everybody). This attack, referred to as KRACK (short for Key Reinstallation AttaCK), targets the third step in a four-way authentication “handshake” performed when your Wi-Fi client device attempts to connect to a protected Wi-Fi network. The purpose of this blog post is to:
- Help you understand the issue
- Point you to trusted resources to explain it in more depth
- Determine how you can protect yourself against it
What is the issue?
Researcher Mathy Vanhoef released information regarding a new attack vector on implementations of WPA2 wireless networks. This attack exploits a bug in the WPA2 key negotiation process and is effective against nearly all current Wi-Fi implementations. As of this writing, patches have been released for only a small number of devices. Fortunately, the work required to exploit this vulnerability is high, and because of the physical requirements of attacking Wi-Fi networks, it is less likely to be used as an attack vector. Phishing, Internet server vulnerabilities, and similar issues will remain the breach methods of choice.
Who is vulnerable?
Everyone with a Wi-Fi-enabled device.
How can I defend myself?
Patch. More to the point, measure your current vendors by how long it takes them to patch. Throw away gear from vendors that took a long time to patch and replace it with gear from vendors that took a short time. If you use Wi-Fi for sensitive access, you may want to use a VPN to add a second layer of encryption protection.
What is being done?
Patches have already been released by a number of the major manufacturers. ISG is in close contact with our strategic partners to understand these patches. If you need assistance applying them or have any questions or concerns, please reach out to your ISG representative or call 877.334.4474.