The Krack hack – is it the end of the world, or worse: is WPA2 dead?

The Krack hack – is it the end of the world, or worse: is WPA2 dead?

So here we go…

I recently read rather a lot of articles entitled “WPA2 is dead” or “The end of wireless security” and so on, online, and actually saw stuff on the news (TV news channels).

What happened then?

Well let’s spread some truth in the vast world of “exciting” news cycles, and dramatic news bulletins.

What I am going to do, is to tell you some truths about the Krack virus (actually got an email from a family member, someone who was worried about this, because they saw this Krack virus on British news!)

So, first of all, it is NOT a virus, nor is it a hack. It is a potential vulnerability in the current implementations of some vendors’ WPA/WPA2 protocol stacks.

What does that mean?

So, for the wifi-and-cybersecurity-is-magic folks (basically anyone who isn’t an uber-geek and is quite happy for wifi to “just work” – i.e. 99% of the population), what this means is that there is a potential problem/loophole that can be exploited or used to possibly break into the encrypted stream of one or some of your wireless clients. Basically, a couple of guys (and gals) have played around with vendors’ implementations of the WPA and WPA2 modes of operation. They found, under certain circumstances, that these vendors equipment is susceptible to being manipulated to give away secrets that can help bad guys (and gals) abuse and maybe break into networks.

Now these are good guys (and gals) who have “outed” this problem, and they have done it so we can make the world a better place.

It’s important to understand that it is a potential vulnerability and that no code has been written (as of late October 2017) to take advantage of this that we know about. The problems with the statement I just made is “that we know about”. Hackers are probably busy at this moment writing code to do just this. So we have to treat this seriously.

So, what happened next? Well the folks that discovered this, regard themselves as “good guys (and gals)”. They responsibly notified vendors about this potential hack, well before releasing it to the public. Vendors started to work on and release patches that protect from this vulnerability. Good on you vendors, it is the right and responsible thing to do. Our vendors have our backs here and have released, or are releasing, fixes for these potential problems. Our advice is to check with your vendor, see what they say, and take it from there.

Now I was going to spend some time digging into this and writing a lovely blog for you all on this subject. But my good friend Heather Williams at Ruckus has done such a great job, I will refer you to her blog entry on this:
https://theruckusroom.ruckuswireless.com/wired-wireless/technologytrends/commonsense-approach-uncommon-problem/

Heather goes into great detail, in her blog entry, about the vulnerability, what it does, and that it is, in fact, NOT the end of the world.

Heather even includes a link to an article by Kevin Beaumont that includes the original document released by our friendly good guys (and gals), who discovered the vulnerability.

Heather also includes a link to a blog entry by Peter Mackenzie which gives follow up links to much more information and details on the Krack vulnerability. (By the way, Peter’s post is on the WLA website – WLA is a great resource and community to get involved with for WiFi engineers, we highly recommend you take a look at the site).

I don’t think so. Let us know what you think.

That’s it for now. I will include the follow up links from Heather’s site for reference and include a link to the WLA. Stay safe and see you next month.

https://wlanassociation.org/blog/
https://doublepulsar.com/regarding-krack-attacks-wpa2-flaw-bf1caa7ec7a0
https://wlanassociation.org/about/

If you are looking to make your mark in the IT Industry, then NC-Expert offers excellent training courses aimed at relevant IT industry certifications – contact us today to get started.