Key Reinstallation AttaCK (KRACK) uses security flaw in WPA security protocol

All secured Wifi networks use the WPA security protocol, and are therefore vulnerable to the Key Reinstallation AttaCK (KRACK). The name KRACK belies just how serious this threat is; while there have not been many victims identified, the KRACK method can be used against all modern Wifi networks, including yours. This information was recently made available to the public; if criminals had not already figured out how to use it, you can bet they are doing their homework now.

How does it work?

In simple terms, the attacker recreates your network and intercepts all data that is transmitted using your Wifi connection. This is made possible by a recently exposed security flaw in the WPA secure handshake and transmitted information is received in plain text by the attacker. While data stored on your network is not at risk, all transmitted email, user names, passwords, credit card information and the like can be intercepted and read when your system is under attack. The worst part is, unless you are specifically looking for this attack, it is virtually invisible to the untrained eye.

Data transmitted between a user device and a wireless router goes through a multi-step handshake process (WPA security protocol). The handshake process is where the vulnerability lies, not the end devices. This is good and bad; good because data stored on devices is not at risk, and bad because it is nearly undetectable by users.

Is my business (or home) at risk?

The short answer is “yes”. While Internet security experts have not confirmed many cases of this exploit in the wild, they have confirmed that ALL wireless networks, unless sufficiently hardened against this vulnerability, can fall prey to this attack. This is one of the few times that consumers get a head start on the criminals, so be sure to take advantage of it.

For the attack to succeed, the attacker must be relatively close to the targeted wireless network. This means that they will be targeting areas with a high concentration of wireless networks (think strip malls and apartment buildings) or a large volume of users (coffee shop, internet café). While no one can guarantee that suburbia is “safe”, the risk of attack is considerably lower.

 

Is there any good news?

The good news is, updating user devices and wireless routers can thwart this attack! The bad news is, updates are not available for all devices. Remarkably, up-to-date Windows computers and laptops (Windows 7, 8, 8.1, and 10 with ALL security patches installed) are safe from this attack. Windows is leading the charge, but other devices will be protected soon.

Here is a short list of common devices and their KRACK resistance status:

  • Windows Computers – Windows versions 7, 8, 8.1, and 10 are all protected IF they are up to date (run the Windows Update Wizard)
  • iOS devices – iPads, iPhones (5s and newer), and other iDevices – 11.1 or higher
  • MacOS – iMac and MacBook – 10.11.1 (this is a Beta version; the fully tested version has not been released yet)
  • Android – Google Pixel and Samsung Nexus phones – Security update scheduled for November 6
  • Android – Tablets and non-Nexus or Pixel phones – devices running Android 6.0 or later have a higher risk of getting KRACKed use with Wifi at your own risk
  • Meraki Wireless Devices – such as the Shaw Go Wifi components – 25.11 or higher

My device isn’t listed, what can I do?

One glaring omission from the hardware list above is wireless routers. Most routers in the market today are vulnerable to this attack, especially consumer grade routers. If you picked your router up from a local electronics or computer store, chances are it has no defence against this attack. Doubly so if it has not had its firmware updated recently.

There are to many consumer grade routers to list which ones have security patches available to consumers, which is why I highly recommend contacting CloudCraft IT Services (or your preferred vendor) to book a network security assessment.

In the interim, here are a few steps to help keep your data safe:

  • Update your personal devices and computers immediately – this is a HUGE step in the right direction
  • Whenever possible, use a cellular network instead of connecting to Wifi
  • Use a wired connection where possible (wired connections have always been more secure and are considerably faster)
  • If your business has a VPN, be sure to use it
  • Update your antivirus software

How do I know if my data will be compromised?

As with all things, a little bit of knowledge goes a long way. Before typing in ANY sensitive information (user name, password, cred card information), be sure the website is secure. Addresses for secure websites start with HTTPS:// and browsers use a “lock” icon to denote a secure connection:

The KRACK vulnerability works on websites with improperly implemented HTTPS coding. Get in the habit of checking for a secure connection before inputting sensitive data. Websites with properly implemented HTTPS coding are not affected by this vulnerability. Criminals are getting better at tricking Internet users, so picking up good habits will improve your security for years to come.

What are the next steps?

Call or email CloudCraft IT Services today to schedule your Network Security Assessment. One of our friendly technicians will validate the software or firmware version of your Wifi router and end devices and cross reference them with a list of know good components. We pride ourselves on providing affordable, white-glove computer support and network services to small businesses in the Calgary area. Contact us today so you can rest easy tonight! We are easily reached through email jim@cloudcraftit.com or by phone 403-383-3357. We look forward to hearing from you.

Jim Morris is a classically trained IT professional who has first hand experience with the pain of poorly setup networks. His mission in life is to provide affordable computer support services to small business owners in Calgary and the surrounding area. He is a dedicated husband, father, and son who spends his down time vacationing with family, coaching lacrosse, mountain biking, and enjoying all things Marvel, Star Wars and Science Fiction. #velocity #optimizeme #YYCadvantage. Follow him on twitter @cloudcraftit for the latest information in online security and small business computing tips.