DHS: KRACK vulnerability puts every Wi-Fi connection at risk
The U.S. Department of Homeland Security issued a warning Monday morning on a fundamental operation flaw in the Wi-Fi Protected Access II (WPA2) protocol, which is designed to secure all modern protected Wi-Fi networks.
WPA2 is used to secure and protect communications between routers, mobile devices and IoT devices. But a flaw in the system’s four-way handshake -- which permits devices with a pre-shared password to join a network -- would allow hackers to hijack connections, decrypt traffic and view communications sent from WPA-2 enabled devices.
Even worse: It could allow threat actors to launch man-in-the-middle attacks.
Discovered by Belgian security researcher Mathy Vanhoef, the flaw affects the WPA2 protocol and is not specific to any software or hardware device. Vanhoef dubbed the flaw KRACK, which stands for ‘key reinstallation attack’ and is fundamental to the WPA2 protocol.
The vulnerability would allow the WPA2 handshake traffic to be manipulated to ‘induce nonce and session key reuse.’ As a result, a hacker could reinstall a key by a wireless access point or client. The good news, however, is that the attack only works if the hacker is within range of the Wi-Fi network.
US-CERT was made aware of the flaw a few months ago and began notifying vendors of the flaw ahead of today’s alert to give them time to prepare patches. Currently, there are no reports of a successful hack of KRACK in the wild.
The vendors most affected by KRACK are Intel, Aruba, Cisco, Espressif Systems, Fortinet, Juniper Networks, the FreeBSD project and Samsung -- among others. Most of these vendors have released patches or are currently investigating the products most impacted by KRACK.
KRACK could be most devastating to IoT devices -- especially in the healthcare sector -- as many vendors and healthcare organizations fail to make timely patches. Healthcare IT leaders can visit the US-CERT advisory site for a list of products and available updates to patch the flaw.