Infosec pros around the world are reacting with dismay to a report of a serious vulnerability in their WiFi networks that could endanger the enterprise.
“It looks really bad if the hack is easy to do,” said David Swan, Alberta-based director of cyber intelligence at the Centre for Strategic Cyberspace and Security Science, a consulting firm.
For companies that trust that only their staff use the Wi-Fi network “there’s a pretty serious level of concern,” said Brian Bourne, an infosec pro and director of Black Arts Illuminated, which stages the annual SecTor security conference in Toronto.
The problem, discovered by Belgian university researchers and described in a US-CERT (computer emergency response team) advisory, can be leveraged through a key reinstallation attack (which is why the Belgians call it KRACK), allowing the WiFi WPA2 encryption protocol to be attacked.
“Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted,” say the researchers. “This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.”
US-CERT notes impacts may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast, broadcast, and multicast frames.
The Belgian researchers note an attacker first obtains a man-in-the-middle (MitM) position between the victim and the real Wi-Fi network (called a channel-based MitM position). Packets can’t be decrypted at this point; the position only allows the attacker to reliably delay, block, or replay encrypted packets. However, the ability to reliably delay and block packets is what is used to execute a key reinstallation attack. After performing a key reinstallation attack, packets can be decrypted.
Fortunately a number of vendors, as described in the US-CERT notification, have issued patches, including Hewlett Packard Enterprise’s Aruba Networks, Cisco Systems, Juniper Networks, Intel Corp and Red Hat. Admins with equipment or devices that so far haven’t been patched will have to take some mitigation action.
As with any attack on a WiFi network, the attacker first has to be within radio range of an access point or client, although that can mean across the street from an organization, hotel or conference centre, or in a parking lot. Enterprises that are smart enough to segregate their wireless networks from the corporate network to which servers are attached are also in a better position.
But the ubiquity of WiFi, offered in restaurants, malls and transportation hubs, as well as set up unnoticed in organizations by employees who add an access point without notifying management, increases the risk.
“A lot of businesses rely on the fact that the only people on their wireless are users they trust,” said Brian Bourne. “Now they have the potential for someone in their parking lot to get on their network. They might as well be running an open network” unless there’s mitigation.
Staff who connect their mobile devices to WiFi networks outside the office are arguably safer, he said, because their devices aren’t also connected to the corporate network. However, their devices may be infected with malware that can later be carried back when they do connect to the enterprise.
“For business there will be a fair bit of panic to ensure there are protective measures in place.”
WPA2 uses strong encryption to protect wireless communications. But according to the Belgian researchers, in a key reinstallation attack the adversary tricks a victim into reinstalling an already-in-use encryption key by manipulating and replaying cryptographic handshake messages. When the victim’s device reinstalls the key, associated parameters such as the incremental transmit packet number (i.e. nonce) and receive packet number (i.e. replay counter) are reset to their initial value, so keystream is reused and already-received packets can be replayed.
To guarantee security, a key should only be installed and used once. “Unfortunately, we found this is not guaranteed by the WPA2 protocol. By manipulating cryptographic handshakes, we can abuse this weakness in practice,” said the researchers.
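The MitM-then-reinstall sequence described above, and the nonce reset it causes, can be seen in a small simulation. This is an added example and is not code from the article or from the Belgian researchers. It makes two simplifying assumptions: the per-packet keystream is modelled with HMAC-SHA256 over (key, packet number) as a stand-in for AES-CCMP, and the 4-way handshake is reduced to a “message 3” that delivers the key (the message the attacker replays after blocking the victim’s message 4). The `Client`, `run_attack`, `keystream` names and the sample HTTP plaintexts are all constructed for the example.

```python
"""Toy model of the KRACK key-reinstallation effect on a CCMP-style cipher.

Added example, not code from the original article or the researchers.
Assumptions: the per-packet keystream is HMAC-SHA256 over (PTK, packet
number) instead of real AES-CCMP, and the 4-way handshake is reduced to
'message 3' (key delivery); the attacker's channel-based MitM position lets
it block and replay that message but not decrypt anything.
"""
import hashlib
import hmac
import os


def keystream(ptk: bytes, pn: int, length: int) -> bytes:
    """Stand-in for the AES-CTR keystream CCMP derives from (key, nonce).
    The nonce is built from the packet number, so reusing a PN under the
    same key reproduces the same keystream bytes, exactly as modelled here."""
    out = b""
    block = 0
    while len(out) < length:
        msg = pn.to_bytes(6, "big") + block.to_bytes(4, "big")
        out += hmac.new(ptk, msg, hashlib.sha256).digest()
        block += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Client:
    """Victim supplicant. vulnerable=True reproduces the WPA2 behaviour the
    article describes: (re)installing a key resets the transmit packet
    number (nonce) to its initial value."""

    def __init__(self, vulnerable: bool):
        self.vulnerable = vulnerable
        self.ptk = None
        self.tx_pn = 0

    def on_message3(self, ptk: bytes) -> None:
        """Message 3 delivers the pairwise key. A retransmitted message 3
        arrives after the key is already installed and in use."""
        if self.ptk == ptk and not self.vulnerable:
            return  # patched behaviour (assumed): ignore a repeat of the same key
        self.ptk = ptk
        self.tx_pn = 0  # reinstall resets the nonce -> keystream reuse

    def send(self, plaintext: bytes):
        self.tx_pn += 1
        ct = xor(plaintext, keystream(self.ptk, self.tx_pn, len(plaintext)))
        return self.tx_pn, ct


def run_attack(vulnerable: bool) -> dict:
    """Attacker in a channel-based MitM position: it blocks the victim's
    message 4 so the AP retransmits message 3, replays that message 3 to the
    victim, and passively collects the victim's encrypted frames."""
    ptk = os.urandom(32)          # key agreed in the (unmodelled) handshake
    victim = Client(vulnerable)
    victim.on_message3(ptk)       # first, legitimate installation

    first_pt = b"GET /login?user=alice&pw=hunter2 HTTP/1.1"  # constructed
    pn1, ct1 = victim.send(first_pt)

    victim.on_message3(ptk)       # replayed message 3 -> key reinstallation

    second_pt = b"POST /api/cards card=4111111111111111 "   # constructed
    pn2, ct2 = victim.send(second_pt)

    n = min(len(ct1), len(ct2))
    reused = pn1 == pn2
    # With keystream reuse, ct1 XOR ct2 == pt1 XOR pt2. Known or guessable
    # plaintext in one frame (e.g. a predictable header) then reveals the
    # other frame directly, without ever recovering the key.
    recovered = xor(xor(ct1[:n], ct2[:n]), first_pt[:n]) if reused else None
    return {"nonce_reused": reused, "recovered": recovered,
            "target": second_pt[:n]}


if __name__ == "__main__":
    for flag in (True, False):
        r = run_attack(vulnerable=flag)
        print("vulnerable" if flag else "patched", r["nonce_reused"],
              r["recovered"])
```

The patched branch shows the shape of the fix vendors shipped in supplicants: a retransmitted message 3 that carries the key already in use must not reset the packet counters. Changing the network password would not help, since a fresh key installed twice is reused just the same.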
The vulnerability can affect Windows, Linux (or Linux-based OSs used on some routers and access points) and Android 6.0 and above.
WPA2 networks that use the AES-CCMP encryption protocol can be hit; the researchers say the effects are worse if they use the WPA-TKIP or GCMP encryption protocols, because those also allow packets to be forged and injected.
To be clear, the WiFi encryption protocol, not the network password, is vulnerable. So changing passwords doesn’t mitigate the problem.
“There are 10 different vulnerabilities that can be exploited,” notes Swan. “The right combination of exploits means your Internet data can be intercepted and read by other people. The fact that there are 10 exploits suggests to me that someone will figure out easy ways to use some of them to read my mail.”
“The problem is there are millions of devices using Android and many millions more routers running on Linux or related system.”
Beyond applying vendor patches to access points and, just as importantly, to client devices, mitigations include isolating corporate Wi-Fi networks from the wired network, turning off corporate Wi-Fi networks and encouraging staff not to use Wi-Fi when out of the office. If they need wireless access, they should use only a cellular network.