Vulnerabilities in WiFi protocols disclosed

This notice from the University Tech committee was released this week:

Overview:  Recently disclosed vulnerabilities in the WPA & WPA2 wireless encryption protocols also known as “KRACK Attack”, could be exploited and result in decrypted communication content and potentially allows altering such content or injecting malicious content. We are awaiting patches for our Cisco WiFi routers which are in progress however the WiFi clients need to be patched as well. Things to note:

  • An attacker needs to be physically near the client and access point connection being exploited.

  • The attack does not involve compromising or exploiting the password or credentials used to connect to the wireless access point by the client.

Risks:

  • Encrypted wireless traffic could be decrypted.

  • Malicious traffic could be injected.

  • TCP sessions could be hijacked.

  • All of these could result in sensitive data being compromised.

Systems affected:

  • All current wireless enabled systems using WPA or WPA2 for wireless encryption with a wireless access point.

  • This includes Android, iOS, macOS, Windows, and Linux systems.

  • For additional information regarding affected vendors, see: https://www.kb.cert.org/vuls/id/228519.

Some Recommendations:

    • Limit usage of public or unknown WiFi networks in the meantime (cafe, airport, Library, etc)
    • Apply patches for clients (phone, tablet, laptop, smartwatch) from vendors as soon as possible after testing.

    • Utilize the campus VPN to tunnel wireless traffic.

    • Utilize encrypted protocols (such as HTTPS and SSH) whenever possible.

    References:

You may also like...

Leave a Reply