KRACK has certainly been the topic on everybody’s mind in the last few days! The exploit has been coined as an “industry disrupter” and “effecting nearly everybody in the digital age.” It’s important to understand how this large scale wireless encryption exploit operates and how you can take preventative measures to protect your network from the KRACK exploit and future security compromises to come.
Recently, a whitepaper was published that demonstrated a design flaw in the 4-way encryption handshake between access point and endpoint. WPA and WPA2, an otherwise ubiquitous wireless encryption standard was at the center of the exploit. Consequently, these standards are often the most utilized in larger corporate and enterprise networks where security is often leveraged as the highest priority. Given the large-scale use of WPA/2, it’s important to understand the implications of KRACK, how it will affect your network, and how to take steps for remediation and prevention.
KRACK operates by leveraging security flaws in endpoints. Most commonly, this affects the endpoint (the device connecting to the wireless networks) and not the access point itself. The “attack” occurs during the 4-way handshake encryption phase before network traffic freely flows to the access point and throughout the network. Upon connecting, a client will begin a 4-way handshake to exchange encryption keys that will be verified for authenticity and eventually installed during phase 3 of the handshake and encrypt all subsequent data. Due to the nature of wireless connectivity, multiple retries may occur during this phase resulting in key resets. KRACK can leverage these resets by incorporating a “man in the middle attack” to force resets within this process and decrypt packets in the interim. During this period, client devices are essentially sending unencrypted data packets throughout the network and are susceptible to plaintext interpretation and visibility.
It’s important to note that this exploit targets a weakness of the endpoint’s execution of the 4-way handshake. In the majority of cases, the access point (regardless of vendor) is not susceptible to KRACK.
The quickest preventative solution is to immediately update your device to the latest firmware, as made available. Most vendors are scrambling to release fixes but many have already established roadmaps to upcoming firmware releases. Microsoft released a fix almost immediately. Apple will be releasing Mac OS and IOS fixes. Android and Linux updates are planned for the near future.
We believe that a holistic security approach is ultimately the best solution to security vulnerability. As large wireless networks become more commonplace it’s important to follow these helpful guidelines at the minimum to ensure adequate protection.
AkinsIT believes that good security is tantamount to a healthy and safe network. Let us help you evaluate your network and provide industry backed solutions to further strengthen your network and prevent exploits like KRACK from being an issue in the first place.
Increase your network's uptime and keep your connections secure with Akins IT
Attend one of our events to learn something new from our partners and experts
Increase your network's uptime and keep your connections secure with Akins IT.
This report offers expert insights into attack types, root causes, top vulnerabilities, TTPs, and more.
1301 Dove Street #130
Newport Beach, California 92660
Mailing Address:
3406 Via Lido, Suite 1A-22
Newport Beach, California 92663
All Rights Reserved | Akins IT | Privacy Policy | Terms of Service | Disclaimer
Website By: EnlightWorks