A security protocol at the heart of most modern Wi-Fi devices, including computers, phones, and routers, has been broken, putting almost every wireless-enabled device at risk of attack.
The bug, known as “KRACK” for Key Reinstallation Attack, exposes a fundamental flaw in WPA2, a common protocol used in securing most modern wireless networks. Mathy Vanhoef, a computer security academic, who found the flaw, said the weakness lies in the protocol’s four-way handshake, which securely allows new devices with a pre-shared password to join the network.
That weakness can, at its worst, allow an attacker to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream.
802.11r is a standard for improving the roaming experience of wireless client devices as they physically move about a given network and, by virtue of distance and signal strength, automatically associate and disassociate to various access points (AP). Associating to a new AP takes time, thanks to necessary authentication. FT speeds up the authentication and association process for roaming clients – helping to protect against packet loss and poor performance in applications like VoIP calls or streaming content.
Essentially, an attacker can expose sensitive information exchanged between a client device and a wireless access point by taking advantage of the fact that replayed frames aren’t accounted for when establishing a connection using FT. This allows an attacker to replay data sent to an AP, including sensitive encryption key data – enabling that attacker to decrypt/forge wireless frames. In all cases, an attacker needs to be in close proximity to the AP or client under attack.
Only unpatched wireless networks that have enabled 802.11r functionality are at risk. ALL JENLOR customers who are using Cisco Meraki are up to date and not at risk. We are working with other vendors for updates and patches. A full list of patches can be found here.
If you have any questions or concerns please reach out to email@example.com or contact us directly at 412-220-9330
For more information, please see the links below: