WPA2 Weakness Found: All WiFi Traffic is Exposed

A security researcher found a weakness in WPA2, the security protocol that is used to protect all modern Wi-Fi networks.

An attacker within range of a victim can exploit the weakness using Key Reinstallation AttaCKs (KRACKs). An attacker could use these attacks to read information that was previously assumed to be encrypted.

How bad is this?

  1. This attack works on all modern WiFi networks.
  2. Any attacker could steal sensitive information such as credit card numbers, passwords, emails, and everything else presumed encrypted.
  3. An attacker is able to inject malware or ransomware into websites.

The vendors whose products the researcher tested the attack on were notified on July 14, 2017.

After communicating with these vendors, we realized how widespread the weaknesses we discovered are (only then did I truly convince myself it was indeed a protocol weakness and not a set of implementation bugs). At that point, we decided to let CERT/CC help with the disclosure of the vulnerabilities. In turn, CERT/CC sent out a broad notification to vendors on 28 August 2017.

The researcher also published a demo showing how to exploit the vulnerability:

As a proof-of-concept we executed a key reinstallation attack against an Android smartphone. In this demonstration, the attacker is able to decrypt all data that the victim transmits. For an attacker this is easy to accomplish, because our key reinstallation attack is exceptionally devastating against Linux and Android 6.0 or higher. This is because Android and Linux can be tricked into (re)installing an all-zero encryption key (see below for more info). When attacking other devices, it is harder to decrypt all packets, although a large number of packets can nevertheless be decrypted. In any case, the following demonstration highlights the type of information that an attacker can obtain when performing key reinstallation attacks against protected Wi-Fi networks:

The Guardian reported that Britain’s National Cyber Security Centre stated it was examining the vulnerability. “Research has been published today into potential global weaknesses to wifi systems. The attacker would have to be physically close to the target and the potential weaknesses would not compromise connections to secure websites, such as banking services or online shopping.

“We are examining the research and will be providing guidance if required. Internet security is a key NCSC priority and we continuously update our advice on issues such as wifi safety, device management and browser security.”

You should update your access points and routers as soon as a security update is available to mitigate the WPA2 weakness, even if the attack isn’t directed at access points. That said, also update your clients as soon as a security update is available for them.

Mohamad El Hout, MBA, M.Eng., CISSP

Mohamad is an entrepreneur and a Senior Security Consultant dealing with the design and delivery of standard and complex security gateway solutions, covering a wide range of cutting edge technologies. His interests include business, technology, leadership, sports, and the continuous pursuit of knowledge.
