Vulnerabilities in WPA2 Reportedly Expose Wi-Fi-Enabled Devices to Eavesdropping
Several security flaws in the Wi-Fi Protected Access 2 (WPA2) protocol were recently disclosed, which can reportedly expose wireless devices to Key Reinstallation AttaCK (KRACK), a proof-of-concept exploit that compromises WPA2’s encryption mechanism. KRACK involves “manipulating and replaying cryptographic handshake messages”—the process of establishing parameters for systems and devices to communicate with each other.
WPA2 is used to secure Wi-Fi-enabled devices and hardware through authorization and encryption mechanisms. If successfully carried out, KRACK can enable attackers to eavesdrop on the network traffic traversing between the device and Wi-Fi access point.
Ars Technica noted that the advisory issued by the United States Computer Emergency Readiness Team (US-CERT) to certain organizations described the vulnerabilities to be related to the handshake used to generate the key that encrypts the traffic. The key, when resent multiple times, can be reused, even if it’s supposed to be a nonce (that is, it can only be used once).
[READ: Wi-Fi on the Go—How Safe is it?]
Ars Technica quoted, “US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected.”
According to the researchers, 41% of Android devices are susceptible to variants of KRACK, while Linux systems are also heavily impacted. Apple, Windows, OpenBSD, MediaTek, and Linksys devices were also noted to be affected by the vulnerabilities. The security flaws have been designated with the following CVE identifiers:
- CVE-2017-13077
- CVE-2017-13078
- CVE-2017-13079
- CVE-2017-13080
- CVE-2017-13081
- CVE-2017-13082
- CVE-2017-13084
- CVE-2017-13086
- CVE-2017-13087
- CVE-2017-13088
[READ: BlueBorne: Bluetooth Vulnerabilities Expose Billions of Devices to Hacking]
Mathy Vanhoef and Frank Piessens, the researchers who uncovered the vulnerabilities, are scheduled to present their findings at the upcoming ACM Conference on Computer and Communications Security (CCS). Both also have other researches on WPA2 security: their latest research took cues from the previous findings they demonstrated at the Black Hat Conference held last August. It detailed the logical implementation flaws in certain protocols used in Wi-Fi handshakes and the countermeasures that can be used against them. Last year, they published a research paper on how group keys in WPA2/802.11 can be decrypted and misused.
[InfoSec Guide: Defending against Man-in-the-Middle Attacks]
Given the potential impact of the vulnerabilities, IT/system administrators, information security professionals, and end users are recommended to adopt best practices to mitigate possible attacks on Wi-Fi networks and devices:
- Regularly update the Wi-Fi router’s credentials to lessen its attack surface
- Configure the service set identifier (SSID) in a way that can minimize how the Wi-Fi connection/network can be discovered by others
- Enabling your firewall to add a layer of security to devices
- Use a Virtual Private Network, especially when remotely accessing corporate assets
- Update Wi-Fi-enabled devices, routers or hardware’s firmware whenever possible; alternatively, switch to Ethernet/wired connections at least until the vulnerabilities are patched
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
Recent Posts
- Unleashing Chaos: Real World Threats Hidden in the DevOps Minefield
- From Vulnerable to Resilient: Cutting Ransomware Risk with Proactive Attack Surface Management
- AI Assistants in the Future: Security Concerns and Risk Management
- Silent Sabotage: Weaponizing AI Models in Exposed Containers
- AI vs AI: DeepFakes and eKYC