CTS 094: Sealing the KRACK Attack

We provide an overview of the KRACK Attack targeting Wi-Fi security.

KRACK Attack featured photo

KRACK Attack

On October 16th, 2017 a vulnerability within WPA2 security was released. In this episode, we provide an overview of what the KRACK Attack is, how it affects Wi-Fi networks, and what you can do to seal this security threat.

KRACK Attack targets a weakness in the 4-Way Handshake. Specifically, the key management process. Within the 4-Way Handshake it is possible for an attacker to reinstall an already in use key. This is a security weakness because it causes devices to reinstall a key. Keys should only be installed once thus causing a weakness in security.

An attacker would need to perform a Man-In-The-Middle attack in order to be successful in pulling off the attack.

This means Wi-Fi devices are at risk. This becomes the challenge with ensuring security. All devices would need to receive this security patch.

On the infrastructure side, an attacker would be able to perform a replay attack on APs with 802.11r enabled. Major vendors are releasing a patch for this vulnerability but as a workaround you could disable 802.11r.

Listen in on our discussion around KRACK Attack, our thoughts, and our opinions on security as a whole.

Links & Resources

Join Clear To Send

Come join the Clear To Send community.

Powered by ConvertKit
About the Author
Rowell, CWNE #210, is a network engineer in Higher-Ed. He enjoys working with wireless networking technologies and loves to share and engage with the community. You can connect with him on Twitter, LinkedIn, and Facebook.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.