KRACK: Yet Another Article
KRACK (Key Reinstallation Attacks) is a vulnerability in the WPA2 (Wi-Fi Protected Access II) protocol, which devices such as computers, smartphones and printers use to connect securely to wireless access points. The vulnerability allows an attacker to view, change or fake information on a network.
At the time of discovery, KRACK is a concerning vulnerability, partly because it is a flaw in a fundamental protocol and partly because WPA2 is so widely used, across virtually every router, wireless access point and device. Additionally, even with widespread updating of affected devices, there will be many affected devices in the wider ecosystem for many years, because many devices will not receive updates due to vendor or end-user inaction.
However, the risk to individuals will be low:
- It requires physical proximity to the wireless access point, and can't be exploited remotely;
- It is difficult to exploit and requires sophistication by the attacker;
- Most modern client devices such as Windows workstations, iOS (iPhone/iPad) and Android have been patched; and
- Virtually all important traffic is encrypted with HTTPS anyway, so that information can't be intercepted or modified even after a successful attack.
Businesses will need to consider their exposure to targeted attacks. For example, unpatched devices may be considered a low risk in some environments, but businesses sensitive to the possibility of an attack may decide to dispose of all vulnerable network hardware and replace it with non-vulnerable hardware.
What To Do
- iOS 11.1 contains the fix.
- For routers and wireless access points, some vendors will release firmware updates and some won't. Some updates will install automatically, and some won't. How this plays out is yet to be seen. As of October 2017 there is very little to be done to network devices as vendors must develop their response.
- Equally, for any other Wi-Fi-connected device, check the vendor's website for its response.