How to Keep KRACK from Turning Your Corporate Wi-Fi Public

The KRACK vulnerabilities affect practically all WPA2 networks, including WPA2 Enterprise. Here's what the experts are saying about it!

Author: Jason
Date: 17.10.2017
Read Time: 3 Minutes

News of the U.S. government’s warning that “most or all” of the password-protected Wi-Fi networks in the world could be compromised through the numerous vulnerabilities released under the name “KRACK Attacks” should have your IT department swinging into action.

Harry Sintonen, F-Secure Senior Security Consultant, suggests patching both devices and access points as soon as possible.

“The actual details are a bit hazy as to what exactly is needed to exploit the vulnerabilities, and which combinations of vulnerable and non-vulnerable devices are problematic,” he said.

Fixes may already be available depending on the manufacturer. But some might not be so lucky: “Many end-user Wi-Fi access points and devices might never get an update, and may need to be replaced,” Harry notes.

Given the amount of manufacturers now required to issue emergency updates, precautions must be taken in the meantime.

“If your corporate network uses WPA2 to provide a ‘secure’ network, and does not use encryption between endpoints or servers, you may want to rethink whether you consider that network trusted,” Harry says.

“All WPA/WPA2 based solutions are affected, including WPA2 Enterprise. This means that most corporate Wi-Fi networks are affected as well.”

So what should your business do with a Wi-Fi network they cannot trust to be reliable?

“The good news is that the protective measures used to remediate these vulnerabilities are things you should do anyway, as we’ve never considered Wi-Fi to be secure in the first place,” says Jarno Niemelä, F-Secure Labs’ Lead Researcher.

Using a VPN (virtual private network), like F-Secure Freedome for Business, is one way users can stay safe. But keep in mind that this solution protects individual users, not a whole network.

Unlike many cyber attacks, attacks utilizing the KRACK vulnerabilities cannot be performed anywhere in the world.

“A practical attack requires the attacker to inject raw Wi-Fi frames over radio,” Harry said. “Thus, the attacker needs to be in relative vicinity to the target environment.”

If an attacker is close enough to your network, he may be able to gain access to at least some of your traffic, depending on which protocol your device uses.

“If the device uses the TKIP protocol, the attacker can do everything – that is, both read and manipulate traffic,” explains Jarno. “If the device uses AES, which is the recommended protocol, the attacker can only read traffic.”

Some specific devices are at particular risk of being compromised, according to the the KRACK Attacks site, especially devices running Android 6.0 and above. This means that 41% of Android devices are vulnerable to this exceptionally devastating variant of the attack.

“We’re aware of the issue, and we will be patching any affected devices in the coming weeks,” a Google spokesperson told ForbesApple, however, ​says that it has already patched the exploits for iOS, tvOS, watchOS, and macOS betas.

For now, anyone using Wi-Fi with these vulnerabilities unpatched should keep in mind that the network they’re on could be as insecure as any free public Wi-Fi.


Post Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s