Recently a vulnerability has been reported in the WPA2 protocol used by most modern Wi-Fi networks, called “KRACK” (Key Reinstallation Attacks).
KRACK is actually a combination of ten vulnerabilities found on both the Access Point and the client side, and can be used for the theft of personal data, injection of malware into websites, etc.
It is important to note that:
- The probability of such an attack is very low, because it needs to be carried out from within the range of the Wi-Fi network by a person with high technical knowledge and specialised hardware and software. The Wi-Fi Alliance has no reports of malicious use yet.
- The only real solution to the problem is for manufacturers to update their systems and devices with new security patches. The major firms in the market have been preparing these updates for months. Therefore, they are either already available or will be in the next few days.
- Of the 10 vulnerabilities used by KRACK, 9 of them reside in the client device that connects to the network. It is therefore of vital importance to keep these computers updated with the latest security patches.
- Due to the previous point, the most vulnerable computers are those using the Android operating system. This is because, although Google is constantly updating its OS, many manufacturers are slow to apply these updates to their devices.
- Current Wi-Fi network certificates and passwords are not exposed. KRACK does not reveal the passwords, so it is not necessary to modify them.
Our work
Esferize provides its customers with state-of-the-art Wi-Fi products and services. Magallanes, our captive portal product for public Internet access, uses unencrypted Wi-Fi networks that are logically immune to this vulnerability as they are open networks. Magallanes’ security is based on the way it manages the traffic of each of its clients in an isolated manner.
From Esferize we will continue taking the measures that are within our reach to avoid any problem due to KRACK. Keeping our controllers and Access Points updated as the new security patches provided by the manufacturers are available. And, as always, monitoring 24×7 all the infrastructures that we operate for our customers.
Furthermore, we would like to remind all our customers that it is essential to keep all equipment up to date, as this is the most effective way of mitigating this and other types of vulnerability.