Patch

Critical Vulnerabilities Discovered in WPA 1 and 2 (KRACK)


Researchers identified a vulnerability that affects all implementations of WPA 1 and 2 [1] and that can be used to decrypt sensitive information and, in some cases, inject malicious traffic. Because the weakness was identified in the Wi-Fi standard itself, the researchers discovered that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and many others are all affected by some variant of the attacks. An attacker who is within range of the wireless network can exploit the vulnerability by forcing the victim's client to reuse or reset a secret key component used to encrypt data. Once the component is known, the attacker can easily decrypt data on the Wi-Fi network. This attack does not enable the decryption of traffic that is protected on the network by an additional layer of encryption such as HTTPS or SSH. The researchers have not yet published their exploit scripts online; however, due to the detailed information provided in their report, it is expected that attackers will soon be using this attack.

IT Security recommends that users monitor their vendors' websites to determine whether a patch is available and patch as soon as reasonably possible. A listing of vendors and their patches can be found at https://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4. Additionally, users should ensure that, whenever possible, any website they visit uses HTTPS encryption, and they are encouraged to explore the HTTPS Everywhere browser plugin.

[1] https://www.krackattacks.com/