Discovering KRACK exploits
Over the last couple of days, there’s been quite a bit of buzz about the disclosure of some seemingly major vulnerabilities in the WPA2 Wi-Fi protocol, controlling how all Wi-Fi-enabled devices function. Fortunately, the issue isn’t quite as severe as it initially appeared, and can be protected against in practically all cases - we’ve put together some information on what’s happening.
We’d recommend heading over to the KRACK Attacks website for a full overview of the vulnerability, but essentially, the weakness theoretically allows attackers to view all information that a victim transmits over Wi-Fi by fooling the network into accepting a reused key, which would allow an unauthorised user to intercept and decrypt traffic, potentially including passwords, useful cookies, and more.
Fortunately, while an attack along this line could have serious consequences, it’s generally quite difficult to set one up - there’s unlikely to be any practical uses for a while. Beyond that, it’s also possible to retroactively patch out the vulnerability in all cases.
Most companies whose services could potentially be affected by the vulnerability have, or will be, releasing patches to completely resolve the issue. As always, it’s important to stay up to date with patches across all the tech that you use, with this vulnerability just being the latest demonstration of that importance.
Exa Services using WPA2
The vulnerability was initially discovered by researchers some time ago, with a number of companies having been alerted about the issue in time to start working on fixes. As such, a number of organisations have released, or are about to release, patches that entirely resolve the KRACK vulnerability, while most others should shortly be following.
At the moment, most of the potentially affected companies that Exa works with (including MikroTik and FortiGate) have released patches to prevent the vulnerability - we’re currently expecting a patch from StormShield. In all cases, patches and information should be available shortly - we’d recommend getting in touch with our support team at 0345 145 1234 for up to date guidance.
If you’re not an Exa customer, we’d recommend getting in touch with the relevant supplier’s support team if you’re unsure of the response.
With the vulnerability potentially affecting a number of operating systems, it’s important to stay up-to-date with patches across firmware as well as the hardware we’ve previously mentioned - fixes should be available shortly across the board. In particular, it’s going to be particularly important to patch if you’re using a Linux or Android system, with these operating systems apparently being particularly vulnerable to the attack.