Does your network have KRACKs?

On October 16, 2017, Belgian security researchers made public their findings that demonstrated fundamental design flaws in WPA2 that could lead to man-in-the-middle (MITM) attacks on wireless networks.

Named KRACKs, or key reinstallation attacks, this technique can theoretically be used by attackers to steal sensitive information from unsuspecting wireless users leveraging these flaws in the WiFi standard. Based on their research, CERT issued a series of CVEs to address this flaw, and most vendors affected have issued patches as of this writing.

We have evaluated our most common vendors for WiFi hardware including SonicWall, Aruba and Aerohive. All three vendors have verified they are not vulnerable or have issued patches.

Specifically, SonicWall has determined their implementation was never vulnerable. Aruba and Aerohive have offered a patch and explained that only devices used as mesh points were vulnerable. With that said, it should be considered an extremely high priority to patch any and all access points.

Patch all of your WiFi clients, whether Windows, Linux, Android, iOS or Mac OS based, with the latest KRACK updates from your client vendors. The attack is launched by compromising the wireless device, not the wireless router, so that is the most important area to focus on when you go about patching.

This exploit highlights the importance of having commercial grade network hardware for any business location. Many consumer-level devices have not been patched and may never get patched while the commercial grade manufacturers have made it a top priority.