
KRACK Attack: We Have Your Network Security Covered



A newly discovered Wi-Fi vulnerability, exploited through what are known as KRACK attacks, was published this month, leaving everyone laser-focused on protecting against this widespread data threat, including us. In this blog post, we explain what a KRACK attack is, what you need to know about it, and how LightBound worked quickly to patch the network security vulnerability.

What is a KRACK Attack and Who's Vulnerable?

KRACKs, or key reinstallation attacks, were discovered by Belgian researcher Mathy Vanhoef, who found a serious vulnerability in WPA2 network security. WPA2, or Wi-Fi Protected Access II, is a standard security protocol designed to secure all modern protected wireless computer networks.

Vanhoef discovered that attackers can exploit the weakness in WPA2, and anyone who uses a Wi-Fi-enabled device is likely at risk. Devices running Linux, Android, OpenBSD, and macOS have been noted as particularly vulnerable.

Below is a video from Vanhoef demonstrating a KRACK attack on an Android device: 

KRACK attacks trick victims into re-installing an already-in-use access point key by "manipulating and replaying cryptographic handshake messages." This resets associated parameters such as incremental transmit packet number (i.e. nonce) and receive packet number (i.e. replay counter) to their initial value. By forcing these resets, "the encryption protocol can be attacked, e.g., packets can be replayed, decrypted, and/or forged."

Through KRACK attacks, there is a lot of sensitive data that attackers could access, including:

  • Passwords
  • Credit card numbers
  • Chat messages
  • Emails
  • Photos

To prevent the attack, users must update affected products as soon as possible. The attack does not disclose the WPA2 passkey, so there is no need to change wireless passwords. If you're using an older access point that uses TKIP or GCMP encryption, the attacker can inject traffic and actively try to gain additional access. With AES encryption, the attacker is limited to read-only access.
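The counter reset described above, and what the update changes, shown as an added example that is not LightBound's or Vanhoef's code. It is a simplified model: the `Station` class, the SHA-256-based keystream standing in for the real Wi-Fi cipher, and all sample data are constructed assumptions.

```python
import hashlib

def keystream(key: bytes, pn: int, n: int) -> bytes:
    # Toy stand-in for a counter-mode cipher: keystream depends only on (key, packet number).
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + pn.to_bytes(6, "big") + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Station:
    """Hypothetical client model; `patched` selects the post-update behaviour."""
    def __init__(self, patched: bool):
        self.patched, self.key, self.tx_pn, self.rx_replay = patched, None, 0, 0

    def install_key(self, key: bytes) -> bool:
        # Called for every handshake message 3, including retransmitted/replayed copies.
        if self.patched and key == self.key:
            return False                      # key already in use: keep the counters
        self.key, self.tx_pn, self.rx_replay = key, 0, 0
        return True                           # counters reset to their initial value

    def send(self, plaintext: bytes):
        self.tx_pn += 1
        return self.tx_pn, xor(plaintext, keystream(self.key, self.tx_pn, len(plaintext)))

KNOWN = b"known header bytes.."    # constructed: content an observer can predict
SECRET = b"secret user payload."   # constructed: same length as KNOWN

def run(patched: bool):
    sta = Station(patched)
    key = hashlib.sha256(b"constructed session key").digest()
    sta.install_key(key)
    pn1, c1 = sta.send(KNOWN)
    sta.install_key(key)                      # same message 3 arrives a second time
    pn2, c2 = sta.send(SECRET)
    # With a repeated packet number the keystreams cancel: c1 ^ c2 == KNOWN ^ SECRET.
    return pn1, pn2, xor(xor(c1, c2), KNOWN)

if __name__ == "__main__":
    for patched in (False, True):
        pn1, pn2, leaked = run(patched)
        print(f"patched={patched} pn=({pn1},{pn2}) nonce_reused={pn1 == pn2} "
              f"plaintext_exposed={leaked == SECRET}")
```

The unpatched model sends two different frames under the same packet number, which is why the passkey stays secret while traffic does not; the patched model ignores the repeated key installation and the packet number keeps increasing.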

Learn more about vendor responses and the good, the bad, and the ugly about KRACK on GitHub.


How LightBound Patched the KRACK Attack

LightBound worked quickly to patch the vulnerability and ensure network security for LightBound customers. Customers were notified on day 0 of the vulnerability so they could ensure their client devices were patched.

All of LightBound’s managed equipment was patched swiftly and successfully, with 90% of LightBound access points patched by October 17 and the rest patched at 2am the following day.

Keeping everything patched and up-to-date is of the utmost importance to us at LightBound—we seek to limit exposures right where they start and were successful at that task.


LightBound Has Your Network Security Covered

The newly revealed Wi-Fi vulnerability shook up the security world, but we were more than equipped at LightBound to handle the vulnerability and take swift action to patch it. We work to ensure top-notch security so you can rest well knowing your data is in good hands.

Thank you for trusting LightBound with your IT needs.

If you have any questions or concerns regarding KRACK attacks or Wi-Fi vulnerability, our Network Operations Center (NOC) is always available by phone at 800.844.8649 or by emailing our NOC at operations@lightbound.net.

If you are interested in entrusting your network security needs to LightBound, we'd love to speak with you about our full Suite of Choice Network services, in particular our Wireless AP services.



October 25, 2017 / by Dane Dittemore