By now, you may have already heard in the news that there has been a serious industry-wide wireless vulnerability exposed. This vulnerability applies to wireless routers, access points, cell phones, etc.
What Is It?
A security protocol at the heart of most modern Wi-Fi devices, including computers, phones, and routers, has been broken, putting almost every wireless-enabled device at risk of attack. The bug, known as “KRACK” for Key Reinstallation Attack, exposes a fundamental flaw in WPA2, a common protocol used in securing most modern wireless networks. The vulnerability can allow an attacker to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream. In other words: hackers can spy on your network traffic.
The bug represents a complete breakdown of the WPA2 protocol, for both personal and enterprise devices — putting every supported device at risk. Cisco, Intel, Juniper, Samsung, Aruba, Mojo and Toshiba are among many of the companies affected. Aruba is one of the first manufacturers to have patches available, according to sources we spoke to at the time of writing.
Who Is Affected?This vulnerability will affect all wireless users using WPA2. An attacker needs to be within a close physical proximity of a vulnerable device, such as a router, mobile device or even or point-of-sale device. That’s not to downplay the seriousness of the attack; however, nowadays a hacker can launch an attack from hundreds of feet from any vulnerable device.
What Should You Do?
First things first: Is the sky falling? Do you need to shut down your Wi-Fi network? No. Simply put, we should ensure mobile devices and workstations are patched. In the mean time, be cautious when visiting non-secure websites. If UDI is managing your environment, we have already begun scheduling and updating software as it is released. If you’re on top of patch management, you may likely already be protected against this attack to a great degree. Microsoft, Apple, Google, Intel, Aruba, and other major vendors have been working on fixing these vulnerabilities for a few months now.
If you need assistance, or have any questions about this security alert, please email:
Until patches are available, Wi-Fi should be considered a no-go zone for anything mission critical.