KRACK WI-FI Attack

krack wi-fi attack alt

KRACK WI-FI Attack

A devastating flaw in Wifi WPA security protocol makes it possible for attackers to eavesdrops your data when you connect to Wi-Fi. It is Dubbed KRACK. Mathy Vanhoef, researcher who discovered KRACK said that KRACK issue affects the Wi-Fi protocol itself—not specific products or implementations and works against all modern protected Wi-Fi networks. It means that if your device using Wifi, KRACK likely impacts it. Fortunately, major tech companies are moving quickly to patch the issue.

How does KRACK break Wifi security?

KRACK (Key,Reinstallation, AttaCK) targets the third step in a four-way authentication “handshake”, its performed when your Wifi client device attempts to connect to a protected Wifi network.The encryption key can be resent multiple times during step three, and if attackers collect and replay those retransmissions in particular ways, Wifi security encryption can be broken.

 

krack wi-fi attack

 

What happens when Wi-Fi security is broken?

For starters, the attacker can eavesdrop on all traffic you send over the network. “This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on,” Vanhoef says.

How to protect yourself from KRACK’s Wifi flaw?

Keep your devices up to date! Vanhoef says “Implementations can be patched in a backwards-compatible manner.” That means that your device can download an update that protects against KRACK and still communicate with unpatched hardware while being protected from the security flaw.

Given the potential reach of KRACK, patches are coming quickly from many major hardware and operating system vendors. Up-to-date Windows PCs, for example, are already protected. Until those updates appear for other devices, consumers can still take steps to safeguard against KRACK. The easiest thing would be to simply use a wired ethernet connection, or stick to your cellular connection on a phone. That’s not always possible though.

Related Product affected by KRACK

Aruba            : Aruba WPA Vulnerability

Ruckus           : Ruckus WPA2 Vulnerability & Ruckus Krack Resource Center

If you have our support contract, you can contact us on : [email protected]

How To Keep Device Safe?

Aruba :

The vulnerabilities have been fixed in the following Aruba OS patch releases:

  • 3.1.25
  • 4.4.16
  • 5.1.9
  • 5.3.3
  • 5.4.2
  • 1.0.4

Ruckus :

Product Family Target Patch Software Version Target Patch Release Date
P300 100.1 3 November 2017
SmartZone · 3.1.2

· 3.2.1

· 3.4.2

· 3.5.1

 

· 30 October 2017 (AP firmware upgrade with 3.4.2)

· 30 October 2017 (AP firmware upgrade with 3.4.2)

· 30 October 2017

· 30 October 2017

Ruckus Cloud Ruckus Cloud 5 November 2017
Unleashed 200.5 15 November 2017
Xclaim Xclaim 5 November 2017
ZoneDirector · 9.10.2

· 9.12.3

· 9.13.3

· 10.0.1

· 30 October 2017

· 15 November 2017

· 30 October 2017

· 30 October 2017

ZoneFlex7731 TBD TBD

References :

https://www.pcworld.com/article/3233308/security/krack-wi-fi-security-flaw-faq-tips.html

https://inet.detik.com/security/d-3688767/krack-ancaman-penyusup-wifi-yang-sulit-dibasmi

https://inet.detik.com/konsultasi-internet-security/d-3700327/tips-untuk-pengabdi-wifi-hadapi-ancaman-krack

 

Share this post

Leave a Reply

Your email address will not be published. Required fields are marked *