Important news has come in over the weekend regarding a “KRACK” attack against modern WiFi networks, whereby an attacker can silently capture and read data transmitted over the WiFi network, despite the data being encrypted – capturing usernames and passwords, credit cards, bank logons, emails, and much more.
It is extremely serious, and whilst it is early days, the hack method is likely to be weaponized in short notice by those of malicious intent.
Updates to this issue
23/10/2017: All of our clients running Ubiquiti UniFi access points have now had those access points patched and are no longer vulnerable. Sophos and Cyberoam devices do not yet have a patch available.
What we’re doing about it
Clients using our Ubiquiti UniFi WiFi access point systems will be upgraded automatically over the next few days, requiring a minor outage to WiFi as the devices reboot. This will be done outside of business hours.
Clients using other WiFi access point systems will be contacted in the next few days to arrange an upgrade to their devices providing WiFi where upgrades have been made available by the vendors, and where no upgrade is available we will be contacting you with further information.
Technical information about the issue
The information below is an excerpt from www.krackattacks.com, taken on 16th October 2017, where the discoverers of the vulnerability discuss it in great detail:
We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.
The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks. For more information about specific products, consult the database of CERT/CC, or contact your vendor.
For more information
This issue is still quite new, and we will be updating this blog post on a regular basis as news unfolds. You can also keep an eye on our Facebook feed for updates. Meanwhile, please contact us should you have any queries or concerns about your own WiFi systems.
My WiFi already sucks, hacking is the least of my concern – can you make it better?
YES we can! If you suffer from poor WiFi coverage, slow WiFi speeds, or poor WiFi signal across your office space or multiple story office or home, we can assist. Maybe you want to offer secure guest WiFi within your office, or a WiFi hotspot at your restaurant, cafe, club, function room?
Not a problem, just get in touch with us and we’ll be able to assist. It’s cheaper than you think and you’ll wonder why you waited til now to get it sorted!