Helpful info on the KRACK WPA2 Flaws
You may have seen updates in the news regarding a new, widespread WiFi vulnerability colloquially called “KRACK” – Key Reinstallation Attack. There are actually a few vulnerabilities under this banner and they all affect the security of wireless networks using WPA2 security.
By compromising WPA2 security, a third party may be able to read portions of your network traffic. One point to note is that this exposure is no different from connecting to a shared WiFi network at a cafe, airport, or other open connection.
CERT NZ has more background information in this advisory.
What you need to know:
- This vulnerability affects most types of wireless networking equipment, including client devices such as laptops
- This is not necessarily a trivial attack to carry out; however, it is likely that tools to leverage these flaws will become readily available in the near future
- Any attacker would need to be within WiFi range of your network to attempt to gain access
- Windows devices with up-to-date security patches installed are already protected: TechCenter
Depending on the specific systems you use, much of your network traffic is likely to be encrypted, so if someone does gain access they won’t be able to gain any information from it.
What could be exposed is information sent to devices like printers, or between client devices and servers, as this is potentially unencrypted.
What you need to do:
- You do not need to change your WiFi password - this attack works regardless of the password in use
- All of our usual security advice applies - use encryption, accounts with strong passwords, and keep software and device firmware up to date.
- Most leading WiFi vendors are releasing an update to the firmware for their Wireless Access Points over the next few days.
- Apple are releasing macOS and iOS updates shortly. These should be automatically installed, but it is a good idea to check - more info should become available here: Apple Security Updates
- If your Windows updates are not managed centrally, remind your teams to install Windows updates promptly – this issue has already been fixed for Windows 7 and 10, but only if the latest updates are applied.
- Check that auto updates are enabled on mobile devices. Many Android devices will be vulnerable until the suppliers release new security fixes
We are anticipating that ISPs will be releasing advice regarding home internet routers soon. Again, it would be a good idea for anyone who works from home to check that their router firmware is up to date.