KRACK Attack: We Have Your Network Security Covered
A newly discovered Wi-Fi vulnerability, exploited through what are known as KRACK attacks, was published this month, leaving everyone, including us, focused on protecting against this widespread data threat. In this blog post, we explain what a KRACK attack is, what you need to know about it, and how LightBound worked quickly to patch the network security vulnerability.
KRACKs, or key reinstallation attacks, were discovered by Belgian researcher Mathy Vanhoef, who found a serious vulnerability in WPA2 network security. WPA2, or Wi-Fi Protected Access II, is a standard security protocol designed to secure all modern protected wireless computer networks.
Vanhoef discovered that attackers can exploit the weakness in WPA2, and anyone who uses a Wi-Fi-enabled device is likely at risk. Devices running Linux, Android, OpenBSD, and macOS have been noted as particularly vulnerable.
Below is a video from Vanhoef demonstrating a KRACK attack on an Android device:
KRACK attacks trick victims into reinstalling an already-in-use access point key by "manipulating and replaying cryptographic handshake messages." This resets associated parameters, such as the incremental transmit packet number (i.e. nonce) and the receive packet number (i.e. replay counter), to their initial values. By forcing these resets, "the encryption protocol can be attacked, e.g., packets can be replayed, decrypted, and/or forged."
KRACK attacks could give attackers access to a lot of sensitive data, including:
- Credit card numbers
- Chat messages
To prevent the attack, users must update affected products as soon as possible. The attack does not disclose the WPA2 passkey, so there is no need to change wireless passwords. If you’re using an older access point that uses TKIP or GCMP encryption, the attacker can inject traffic and actively try to gain additional access. With AES encryption, the attacker has read-only access.
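The counter reset described above, and what an updated client does differently, sketched as an added example (not LightBound's or any vendor's code). The class, method names and session key are hypothetical, and the model tracks only counters rather than real 802.11 frames.

```python
# Added illustration: a simplified model of a Wi-Fi client's key handling.
# All names are hypothetical; the "handshake message" is just a method call.

class Client:
    def __init__(self, patched):
        self.patched = patched
        self.key = None        # currently installed session key
        self.tx_pn = 0         # transmit packet number (nonce)
        self.used = set()      # (key, nonce) pairs already used to encrypt
        self.reused = []       # nonces used a second time under the same key

    def on_key_install_message(self, key):
        """Handle the handshake message that tells the client to install a key.
        The message may be a replay of one the client already processed."""
        if self.patched and key == self.key:
            return False       # key already in use: keep the counters as they are
        self.key = key
        self.tx_pn = 0         # installing a key resets the nonce to its initial value
        return True

    def send_frame(self):
        """Encrypt one frame: consume the next nonce under the current key."""
        self.tx_pn += 1
        pair = (self.key, self.tx_pn)
        if pair in self.used:
            self.reused.append(self.tx_pn)   # same key and nonce protect two frames
        self.used.add(pair)
        return self.tx_pn


def simulate(patched):
    """Constructed sequence: install, 3 frames, replayed install message, 3 frames."""
    client = Client(patched)
    session_key = b"constructed-session-key"   # constructed sample value
    client.on_key_install_message(session_key)
    before = [client.send_frame() for _ in range(3)]
    client.on_key_install_message(session_key)  # replayed handshake message
    after = [client.send_frame() for _ in range(3)]
    return before, after, client.reused


if __name__ == "__main__":
    for patched in (False, True):
        label = "patched" if patched else "unpatched"
        print(label, simulate(patched))
```

In the unpatched run the nonces 1 to 3 are each used twice under one key, which is the condition that lets packets be replayed, decrypted, or forged; the patched run keeps counting from 4 and never reuses a nonce.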
Learn more about vendor responses and the good, the bad, and the ugly about KRACK on GitHub.
How LightBound Patched the KRACK Attack
LightBound worked quickly to patch the vulnerability and ensure network security for LightBound customers. Customers were notified on day 0 of the vulnerability so they could ensure their client devices were patched.
All of LightBound’s managed equipment was patched swiftly and successfully, with 90% of LightBound access points patched by October 17 and the rest patched at
Keeping everything patched and up-to-date is of the utmost importance to us at LightBound—we seek to limit exposures right where they start and were successful at that task.
LightBound Has Your Network Security Covered
The newly revealed Wi-Fi vulnerability shook up the security world, but we were more than equipped at LightBound to handle the vulnerability and take swift action to patch it. We work to ensure top-notch security so you can rest well knowing your data is in good hands.
Thank you for trusting LightBound with your IT needs.
If you have any questions or concerns regarding KRACK attacks or Wi-Fi vulnerability, our Network Operations Center (NOC) is always available by phone at 800.844.8649 or by emailing our NOC at firstname.lastname@example.org.