IT West Ltd

From the blog

News from IT West

Major Wi-Fi Security Risk

Researches have uncovered a major flaw in Wi-Fi connections dubbed as Krack, which could be putting homes and businesses at risk from hackers.

The Flaw

Researchers from Belgian university, KU Leuven, discovered that there is a critical flaw in the authentication system used by secure wireless connections.

All protected Wi-Fi networks use an old, four-way handshake (dialogue) system in order to generate a fresh session. With the handshake, the two devices agree a (session) key to use to keep a secure data connection between them.

According to the researchers, the system of random number generation used in authentication can actually be re-used, thereby allowing someone to enter a network and potentially spy on the data being sent in it.

Exploited

Hackers can exploit the ‘Krack’ vulnerability by tricking victims with a replayed, modified version of the original handshake, thereby making victims reinstall their live session key. This allows the set-up values to be reset which can thereby weaken encryption.

The researchers have found that the flaw means that attackers can potentially hijack a connection, decrypt and inject data, and even forge their own connection.

What / Who Is Affected?

The flaw is in the actual Wi-Fi protected access II (WPA2) security protocol i.e. in the standard itself. This means that there may be millions of routers in customers’ homes and businesses that are vulnerable to attack. Service providers and their customers, therefore, face significant risks because of the flaw.

What About Patching?

The flaw, which has prompted a warning by the US Computer Emergency Readiness Team (Cert), can reportedly be fixed using software patches. Industry body the Wi-Fi Alliance is reported to be working with service providers to help develop a patch, and Google has said that it will be patching any affected devices over the next few weeks.

What Does This Mean For Your Business?

This is reminiscent of the problem encountered back in June, when, after an investigative study by Which?, Virgin Media made the news when its (Netgear) Super Hub 2 and Super Hub 2 AC home routers were found to all have exactly the same private encryption key, thus making them more vulnerable to hacks. This prompted the need for a security patch to be rolled out in order to protect large numbers of customers.

The latest flaw in Wi-Fi connections discovered by the Belgian researchers is another example of how, despite taking their own Internet and data security measures, businesses (and home users) can suddenly find themselves unwittingly being vulnerable to attack because of the equipment and software supplied by service providers who they have to trust. Once again, it is outside security researchers who have discovered the flaw.

Thankfully, patching is generally a fast and effective way to shut down vulnerabilities. Keeping up with patching itself is an important part of any company’s ongoing security processes, and the Fortinet Global Threat Landscape Report (back in August) highlighted the fact that 9 out of 10 businesses are hacked through un-patched vulnerabilities, and that many of these vulnerabilities are 3 or more years old, and have patches already available for them.