Chuck Leaver – KRACK Vulnerability 4 Steps To Protect Yourself

Written By Dr Al Hartmann And Presented By Chuck Leaver

 

Enough media attention has been generated over the Wi-Fi WPA2-defeating Key Reinstallation Attack (KRACK) that we do not need to cover it again. The original discoverer's website is a good place to review the issues and link to the detailed research paper. This may be the most attention paid to a core communications security failure since the Heartbleed attack. In that earlier case, a patched version of the vulnerable OpenSSL code was released on the same day as the public disclosure. In the new KRACK attack, similar responsible disclosure guidelines were followed, and patches were either already released or soon to follow. Both wireless endpoints and wireless network devices need to be properly patched. Oh, and best of luck getting that Chinese knockoff wireless security webcam bought off eBay patched quickly.

Here we will just make a few points:

Take stock of your wireless devices and follow up to ensure correct patching. (Ziften can perform passive network inventory, including wireless networks. For Ziften-monitored endpoints, the available network interfaces and applied patches are reported.) For enterprise IT staff, it is patch, patch, patch every day anyway, so nothing new here. However, any unmanaged wireless devices should be located and vetted.

iOS and Windows endpoints are less susceptible, while unpatched Linux and Android endpoints are highly vulnerable. Most Linux endpoints will be servers without wireless networking, so there is not as much direct exposure there. But Android is another story, especially given the balkanized state of Android updating across device manufacturers. Most likely your enterprise's biggest direct exposure will be Android and IoT devices, so do your risk analysis.

Avoid wireless access over unencrypted protocols such as HTTP. Stick to HTTPS or other encrypted protocols, or use a secure VPN, but be aware that some default HTTPS websites allow compromised devices to force a downgrade to HTTP. (Note that Ziften network monitoring reports IP addresses and ports used, so take a look at any wireless port 80 traffic on unpatched endpoints.)

Continue whatever wireless network hygiene practices you have been using to identify and silence rogue access points, unapproved wireless devices, etc. Grooming access point placement and transmission zones to reduce signal spillage outside your physical boundaries is also a wise practice, since KRACK attackers must be present locally within the wireless network. Do not give them advantageous positioning opportunities within or close to your environment.
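The inventory and port 80 checks from the first and third points can be combined into one triage pass. The sketch below is an added example, not Ziften's code or output format: the CSV column names, host names and records are constructed for illustration, and a host absent from the inventory is assumed to be unmanaged and unpatched.

```python
import csv
import io
from collections import Counter

# Constructed inventory (hypothetical column names): host, OS, KRACK patch applied.
INVENTORY_CSV = """host,os,krack_patched
lt-014,windows,yes
lt-020,windows,no
ph-221,android,no
cam-07,iot,no
srv-03,linux,no
"""

# Constructed flow records: reporting host, interface type, destination IP and port.
FLOWS_CSV = """host,iface,dst_ip,dst_port
lt-014,wifi,203.0.113.10,80
lt-020,wifi,203.0.113.10,80
ph-221,wifi,203.0.113.10,80
ph-221,wifi,198.51.100.7,443
ph-221,wifi,203.0.113.10,80
cam-07,wifi,192.0.2.55,80
srv-03,ethernet,192.0.2.80,80
tab-99,wifi,203.0.113.10,80
"""

# The article ranks unpatched Linux, Android and IoT devices as the most exposed.
HIGH_EXPOSURE_OS = {"android", "linux", "iot", "unknown"}

def load(text):
    return list(csv.DictReader(io.StringIO(text)))

def cleartext_wifi_findings(inventory, flows):
    """Group port 80 flows sent over Wi-Fi by hosts not known to be patched."""
    hosts = {row["host"]: row for row in inventory}
    # A host missing from the inventory is unmanaged: treat it as unpatched.
    counts = Counter(
        (f["host"], f["dst_ip"]) for f in flows
        if f["iface"] == "wifi" and f["dst_port"] == "80"
        and hosts.get(f["host"], {}).get("krack_patched") != "yes")
    findings = []
    for (host, dst_ip), n in counts.items():
        os_name = hosts.get(host, {}).get("os", "unknown")
        priority = "high" if os_name in HIGH_EXPOSURE_OS else "medium"
        findings.append({"host": host, "os": os_name, "dst_ip": dst_ip, "flows": n, "priority": priority})
    # High priority first, then busiest, then host name for a stable order.
    return sorted(findings, key=lambda f: (f["priority"] != "high", -f["flows"], f["host"]))

if __name__ == "__main__":
    for finding in cleartext_wifi_findings(load(INVENTORY_CSV), load(FLOWS_CSV)):
        print(finding)
```

Patched hosts, wired interfaces and HTTPS flows drop out, leaving only the cleartext Wi-Fi traffic that an unpatched device would expose.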

For a broader discussion of the KRACK vulnerability, have a look at our recent video on the topic:

 
