16 October 2017

A serious weakness in WPA2, a protocol used to secure modern Wi-Fi networks, has emerged that makes it possible for hackers to decrypt transmitted data.

 

The exploit for the vulnerability has the codename Krack, short for Key Reinstallation AttaCK, and works by targeting the 4-way handshake of the WPA2 protocol. The exploit may allow packet sniffing, connection hijacking, malware injection, and even decryption of the protocol itself.

The identified weakness is inherent in the WPA2 standard itself and is therefore not dependent on specific products or configurations.

 

Limitations of the attack

 

To utilise the Krack exploit, an attacker needs to be within range of the target network. While an intruder may be able to capture data sent and received across a compromised network, he or she won’t be able to obtain sensitive data that is communicated via a secured connection that uses end-to-end encryption.

 

How to stay safe

 

To minimise your organisation’s risk, Redscan offers the following advice:

  • Advise employees against using public Wi-Fi hot spots
  • Only connect to secured websites that use HTTPS
  • Where possible, use services that are secured via Transport Layer Security (TLS)
  • Ensure relevant security updates are installed as soon as they become available (regular vulnerability assessments can help with this)

 

More information

 

Redscan will be closely monitoring the Common Vulnerabilities and Exposures (CVE) entries related to the exploit and will, if necessary, provide further updates. If you have any questions or concerns in the meantime, feel free to contact our CSOC team.
