This week a researcher from a university in Belgium announced the discovery of a weakness that can be exploited in nearly all Wi-Fi routers. Colloquially referred to as KRACK, short for key reinstallation attacks, the exploit takes advantage of a vulnerability in the WPA2 wireless security key exchange protocol between your computer and your wireless router. Attackers can exploit the flaw in WPA2 to view data that was previously assumed to be encrypted. It is also possible for an attacker to manipulate the data or inject ransomware or other malware into websites.
All operating systems are susceptible to this attack, but the devices most at risk are those running Android 6.0 (Marshmallow) or any Linux distribution. Windows and Apple devices are nonetheless still significantly at risk. It is also important to understand that you are only at risk from attackers connected to the same wireless network as you, so the perpetrator would have to be in close proximity to you or your wireless network devices.
First and foremost, make sure your devices are fully updated with the latest patches from vendors. This includes PCs, laptops, mobile devices, and network equipment such as wireless routers. Microsoft has indicated a patch will be delivered in the next monthly patch cycle, and other vendors indicate they are working to remediate the vulnerability. Check your devices regularly over the coming weeks and apply updates and patches as soon as reasonably possible.
In the meantime, if you need to perform any task that requires you to transmit sensitive or confidential information, make sure to use only trusted, secure wireless connections. While encryption protocols such as HTTPS provide some additional security, you should still avoid using public Wi-Fi to transmit sensitive data.
Article by Bill Cox, Senior Technology Consultant