So, we’ve all been living with the specter of yet another threat to our cybersecurity – this time in the form of the Wi-Fi security vulnerability named KRACK. Well, the good news is, Boston business owners and network administrators need not worry about this most recent wireless security flaw – you can hire Global Data Systems to make sure no cyber-infiltrators make it through the KRACKs!
As a Fortinet technology partner, we pay close attention to what their people are saying about security solutions. In a post on the Fortinet blog regarding the WPA2 flaw dated 10/16/17, Bill McGee reports:
“Early [on Monday, October 16th], it was announced that WPA2, WiFi’s most popular encryption standard, had been cracked. A new attack method called KRACK (for Key Reinstallation AttaCK) is now able to break the WPA2 encryption, allowing a hacker to read information passing between a device and its wireless access point using a variation of a common – and usually highly detectable – man-in-the-middle attack. If successful, this vulnerability can potentially allow a hacker to spy on your data as well as gain access to unsecured devices sharing the same WiFi network.
Of course, as computing power grows, it was just a matter of time before another encryption protocol was broken. In this case, Belgian security researchers at KU Leuven University, led by security expert Mathy Vanhoef, discovered the weakness and published details of the flaw on Monday morning, October 16th.
Essentially, KRACK breaks the WPA2 protocol by “forcing nonce reuse in encryption algorithms” used by Wi-Fi. In cryptography, a nonce is an arbitrary number that may only be used once. It is often a random or pseudo-random number issued in the public key component of an authentication protocol to ensure that old communications cannot be reused. As it turns out, the random numbers used on WPA2 aren’t quite random enough, allowing the protocol to be broken.
The US Computer Emergency Readiness Team (CERT) issued a warning on Sunday in response to the vulnerability that reads in part that, “The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection and others.”
But how bad is it, really?
First, an attacker needs to be in reasonably close proximity in order to capture the traffic between an endpoint device and the vulnerable wireless access point. So, until things are fixed, you should be especially careful using public WiFi. Of course, we’ve been saying that for years.
In addition, the attack is unlikely to affect the security of information sent over a connection using additional encrypted methods such as SSL. Every time you access an HTTPS site, for example, your browser creates a separate layer of encryption that will keep you safe when doing things like online banking or making purchases, even in spite of this latest security threat. So, keep your eye on that little lock icon in the corner of your browser when you are conducting transactions online over a WiFi connection.
Likewise, VPN connections – which you should already be using – will continue to protect your corporate data even if your WPA2 connection is compromised.
For users of Fortinet’s suite of secure wireless access points and Wi-Fi enabled solutions, please consult the latest Fortinet PSIRT Advisory that provides details on which versions of Fortinet devices are affected, and what you can do to ensure you are protected.
In the meantime, the most important thing users can do, and you will see this repeated across the Internet, is to remain calm. Yes, it’s a big deal. And yes, lots of devices are impacted. But with good information, some careful planning, and encouraging users to continue to use good security basics – like using VPN and SSL – your data should be safe until you can get your devices patched and updated.
But your window of opportunity is closing. Over the past year, we have seen a number of exploits launched right on the heels of an announced vulnerability. Organizations that have let their security hygiene lapse, especially with regards to patch and replace protocols, were the ones most affected by the rash of attacks that followed. The most important thing you can do is focus your resources to close that gap between vulnerability disclosures and targeted exploits as much as possible.”
Ready for Fortinet-backed security services that will prevent a Wireless Security KRACK on your network? GDS understands the ramifications of this latest Wi-Fi security vulnerability and can help you stay connected securely. Just give us a call at (888) 849-6818 or email us at info@GDSConnect.com to get started!
The weakness Vanhoef identified is in the WPA2 protocol’s so-called “four-way handshake.” That procedure determines whether a user attempting to join a network and the access point offering the network have matching credentials. It’s essentially an exchange that ensures the user knows the network password. The four-way handshake also generates a new encryption key—the third communication in the four-step process—to protect the user’s session.
The newly discovered vulnerability […] allows a hacker to tamper with or record and replay this third message, enabling them to reinstall a cryptographic key that’s already been used. That key reuse also resets the counters for how many packets, or bits of data, have been sent and received for a particular key. When these tallies are reset, an attacker can replay and decrypt packets, and even forge packets in some cases.
All of this manipulates contingency steps in the WPA2 protocol that keep a four-way handshake from totally failing even if the third communication gets lost or dropped (something that can naturally happen at times).
As part of developing WPA2—a standard known as IEEE 802.11i—the Wi-Fi Alliance industry working group published a mathematical proof analyzing the security of the four-way handshake implementation. But Vanhoef notes that Krack attacks are not in conflict with that proof. For example, the attacks don’t leak any encryption keys. It keeps them “private,” and they allow the other steps in the handshake to play out to verify the identity of the user and the access point. In other words, the proof was accurate, but not exhaustive.
(Source credit: Wired.com)
In addition to covering you with the best wireless security assurance around, our IT consulting firm in Boston MA also provides indispensable guidance on everything from business phones to cloud computing, data backup, and recovery, and the best ways of avoiding costly data center downtime.
We can indeed provide coverage for all your IT systems, with both remote and on-site monitoring and maintenance, which supplies tools that are even, in some cases, able to remedy issues prior to them really becoming an “issue” at all!
With GDS, you get everything you’d expect from a top-level IT support company in Boston, including complete disaster avoidance, leading-edge cybersecurity solutions, and other support for ultimate data management and productivity.
Our managed IT services give you budget-friendly, end-to-end network coverage, and eliminate recurrent IT issues in favor of long-term, preventative solutions, like protection from Wi-Fi security flaws.
If you’re ready for a company who understands the KRACK wireless security vulnerability and how to remedy it – just give us a call at (888) 849-6818 or email us at info@GDSConnect.com and we will advise you on how we can prevent wireless security attacks on your network!