Critical Wi-Fi Vulnerability Discovered

The widely used protocol used to secure wi-fi connections is vulnerable to attack. Researchers publicly announced that they were able to exploit a vulnerability in the WPA2 standard. The race now begins to develop and deploy patches before attackers can create hacking software and victimize users.   

The discovery of this bug, named KRACK (Key Reinstallation AttaCK), has some interesting and possibly severe consequences. WPA2 is heavily used as the means to securely connect wireless computing devices to networks. In fact, you probably use it at home to connect to your wi-fi router. Businesses also use it for connectivity of employees, vendors, and customers.    

Successful exploitation of this vulnerability allows an attacker to breach the confidentiality, integrity, and availability of connections and data. Traffic would not be private, nor would devices be able to keep out malicious connections to the network. Intruders could also push data to unsuspecting users.  

The Race Begins 

Whenever such high-risk vulnerabilities are discovered, a race begins. Operating System and network device vendors will work to develop robust patches to resolve the issue. At the same time, attackers will work feverishly to develop tools to exploit the bug and target victims.   

• Phase 1: Researchers and Hackers  Security researchers will attempt to determine the number of potentially vulnerable devices. This provides a better understanding of scope and likely ramifications. Hackers will work to understand the weaknesses and develop hacking tools for use and sale. Once an exploit is created it can be distributed worldwide within hours to the hacking community.    
• Phase 2: OS and Device Patches Operating Systems vendors and device manufacturers will work to develop patches for their products to protect their customers. This can take considerable time as any patch must be tested for efficacy against the bug as well as backward compatibility with products. Nobody wants a patch that will cause problems. The good news here is that responsible vulnerability researchers typically share their finding prior to public announcements. This gives vendors a head-start on developing mitigation plans.   
• Phase 3: Deployments and updates Once patches are ready, then they must be deployed. This can be a push or pull model. Some vendors have the permissions to push patches to devices without user consent. In many cases, it requires user intervention to upload and install. Unfortunately, for a patch like this it may be burdensome to users and businesses to deploy the updates.

Time on Target 

Gaps that exist between the time the hackers find a way to attack and the patches are deployed represent a window of opportunity for exploitation. Sometimes this can be as long as a year or more. It is important we all work together to make sure quality patches are made available quickly and users update their devices where necessary.   

Attackers like to focus on easy victims. By doing nothing, when others are patching, makes you a prime target. Don’t be an easy target. Patch as early as possible. Keep aware of when your vendors release fully tested patches and don’t delay in updating your systems.   

Let’s all work together to shut down this exposure.     

Interested in more? Follow me on LinkedIn, Twitter (@Matt_Rosenquist), Information Security Strategy, Golos, and Steemit to hear insights and what is going on in cybersecurity.     get victims.