KRACK and the WPA2 Implementation Vulnerabilities – What’s up?


Are you overwhelmed reading the news about the Key Reinstallation AttaCK (KRACK), which targets vulnerabilities in implementations of the WPA2 Wi-Fi encryption scheme?

Let’s review some facts to give it perspective:

  • There is no attack at this point – Despite the “market” name, the attack is a proof of concept (POC) demonstrated by researcher Mathy Vanhoef of the Belgian university KU Leuven, who uncovered the vulnerability. There are no reports of actual attacks or successful breaches associated with this vulnerability at this point.
  • The attack can only happen within the Wi-Fi network – Remote attacks aren’t possible using this vulnerability alone. A successful attack would need to be launched and managed by a device connected to the same Wi-Fi network.
  • All devices connecting via Wi-Fi may be at risk – Even though there are no reported attacks and exploitation requires physical presence, this weakness in the implementation of the WPA2 protocol potentially affects ALL devices connecting via Wi-Fi.

Considering those aspects, here are ways to raise awareness and mitigate the risk for businesses:

  • Communicate early and take possible, appropriate measures as outlined here.
  • Clarify that an attack cannot happen remotely:
    • The attacker must be within the reach of the Wi-Fi network to which the victim is connected
    • Both the user device and Wi-Fi access point need to be vulnerable
    • Traffic between a vulnerable device and a secure site is still safe
  • Consider increasing the security measures around endpoints. Make sure that your entire security stack is up to date.
  • Provide clear guidance to users about connecting to public or external Wi-Fi networks and how to mitigate risks. Always use a VPN when logging in to Wi-Fi networks. Whenever possible, avoid connecting to Wi-Fi networks.
  • Make sure you know when your vendors release patches, and apply those as soon as possible to eliminate any risk. Consider clients, especially laptops and mobile devices, a priority, as users normally connect to different Wi-Fi access points.
  • Keep monitoring the story and adjust your measures as new developments are reported.

Is this big or not?

A vulnerability in the implementation of a global standard encryption scheme for Wi-Fi connections is certainly big news. It is scary to imagine that this protocol is implemented in every device connecting via Wi-Fi and that a vulnerability in it could put virtually everyone around the globe at risk. It is an alert to the catastrophic impact that corruption of widely adopted protocols and systems can cause.

So, the buzz around this issue is important to raise awareness and to feed the conversations about how we can improve security and how to be prepared to tackle critical vulnerabilities.

At the same time, it is critical to cut through the noise to understand the risk and devise appropriate measures to mitigate it.

Secunia Research Vulnerability Advisories Related to WPA2

As of today, Secunia Research has issued 25 different advisories on different products affected by the WPA2 vulnerabilities (see image below). This list is expected to grow as vendors issue alerts and patches. We will be updating it daily.

Flexera can help

Software Vulnerability Manager customers don’t need to rely on vendor alerts or try to scour the internet manually for advisories. They receive alerts proactively and can act fast to mitigate risks.

Software Vulnerability Manager provides direct access to vulnerability advisories on over 55,000 applications and systems, and gives you alerts when vendors and/or researchers disclose vulnerabilities and release patches. The advisories contain verified intelligence by Secunia Research at Flexera.

To learn more about our vulnerability intelligence, watch “Our Intelligence is your Power