
How Wi-Fi KRACK vulnerability can hit almost everyone with an endpoint

25 Oct 2017

The widely publicised KRACK vulnerability might allow cyber criminals to intercept data being transmitted between Wi-Fi access points and endpoints, recent research has uncovered. The situation is likely to worsen as cyber criminals create tools to exploit the situation.

KRACK, short for Key Reinstallation Attacks, affects WPA2, which is widely used by many Wi-Fi enabled devices, and can be used to inject malware or ransomware into websites.

So, WPA2 is crackable. This is bad for a number of reasons:

1 – Almost everyone in Australia is vulnerable: Most home users moved from WEP (the previous standard that was deemed insecure) to WPA2, which makes almost everyone who uses a home router vulnerable. Most companies stopped at WPA2 and did not include things such as Active Directory authentication or multi-factor authentication for wireless access. Unfortunately, WPA2 was deemed ‘good enough’ for most.

2 – If a device supports WPA2, it is likely to be vulnerable: HINT: almost everything does these days – mobile devices, IoT, laptops, desktops, etc. The scope is vast.

3 – It’s likely the vulnerability will be exploited in the wild very soon: Code has not been released yet, but almost certainly people are already reversing the flaw. This will lead to a plethora of tools to pull off this attack. As yet, the vulnerability cannot be exploited in the wild, but my guess is this will happen very soon.

4 – Attackers have the ability to control traffic: Details of this vulnerability are highly technical, but the attack essentially uses an impersonated user who was previously authenticated. An attacker tricks the user into reinstalling the crypto key (it is supposed to be random and each authentication request gets a new random one). By doing this, attackers can control traffic however they wish.

What are the ramifications of this vulnerability?

You can bet this will end up in Kali Linux and Metasploit quickly and security professionals will all be using this to add an additional ‘flag’ when penetration tests are conducted.

Think of this as a skeleton key for wireless communications. Every pen-test for at least six months will have this as a finding.

The situation is similar to issues some months back about routers and switches. Attackers perform traffic-injection techniques (return fake data or other nefarious things) or simply watch all the traffic and don’t have to hack passwords or user names. After this, attackers can look to do traffic or route injection to send people to whatever fake website they wish.

Communication security is in a dangerous place. The good news is I’ve spoken to a lot of security professionals leading projects to address communication flaws. The bad news is that multiple vendors are affected, so patching could take a long time. We can be sure that attackers will leverage that delta in patching. Communication and router security has been ignored for too long.

After all, if you can’t trust your traffic, what can you trust?

Article by Rick McElroy, Carbon Black.
