“The October 2017 discovery of KRACK is significant for the security of virtually all smart phone users; the threat is real and pervasive” said Fatih Orhan, head of the Comodo Threat Intelligence Lab and Comodo Threat Research Labs (CTRL).
This blog explores the questions (and provides some answers) about the key new vulnerabilities and potential attacks associated with “KRACK.”
What is KRACK?
KRACK is the name for the Key Reinstallation Attacks and related vulnerabilities to the WPA2 protocol for wireless. WPA2 is used by nearly all IT devices today, including mobile devices everywhere.
The WPA2 protocol is vulnerable. This week, vulnerabilities in the Wi-Fi industry’s encryption standard were revealed. An attacker in the proximity of a Wi-Fi network and the target computer may exploit vulnerabilities with a Key Installation Attack allowing them to read information that was previously assumed to be encrypted. By using this attack, data being sent from a WPA2-encrypted Wi-Fi device could be recorded including passwords, credit card details and enterprise logins.
Who is at risk?
All Wi-Fi enabled devices are at risk as this vector is in the Wi-Fi standard itself.
Why is this so important?
We may never be able to entirely trust WPA2 again. As soon as patches are available, your local administrators will update device firmware for routers, access points and hotspots, but while that will return trust to the enterprise Wi-Fi networks, public hotspots at airports and coffee shops may remain unprotected for some time. Older devices may never receive an update, leaving WPA2 on public hotspots forever untrustworthy. The web’s SSL protocol offers an additional protection that can only protect transactions performed under that protocol.
Mobile devices come with the highest risk profile. They are commonly configured to automatically join Wi-Fi hotspots, and users will connect where possible to reduce data costs. Statistics provided by Wi-Fi Alliance show that 71% of all mobile communications flow over Wi-Fi and that number has been growing rapidly. Both the device and the access point must be updated to protect against KRACK, so in effect, 100% of Android, iOS, and Wi-Fi connected devices are potentially at risk.
What can I do now for my organization and/or myself?
The good news is there is a free solution that provides mobile Virtual Private Network (VPN) connections to ensure that KRACK or other network weaknesses cannot harm you.
Creating a VPN to encrypt all internet communications will protect against any malicious network listeners making KRACK impotent, and even any man-in-the-middle (MITM) attacks.
Comodo Dome Shield includes Mobile VPN Profiles for iPads, iPhones and all types of Android devices. Dome Shield is the free level of the Dome product delivering web access controls and advanced threat protection to mobile users via these Mobile VPN Profiles. Simply configure the profile and your mobile device receives an extra level of security no matter what type of network is used. Comodo Dome Shield works seamlessly across Wi-Fi, or 2G, 3G, 4G, and LTE cellular networks and securely protects an average of 49 million transactions per day across 84 countries.
How do I get Comodo Dome Shield?
If you do not have Comodo Dome Shield implemented already, you can obtain a free license at https://www.comodo.com/cdomeshield/freelicense/. Just begin by selecting your business type of (individual, enterprise or MSP), and it’s a breeze.
I already use Comodo Dome Shield for our users; how do I configure a Mobile VPN Profile?
Open your Comodo Dome Shield Portal and go to Configure > Objects > Mobile Devices and email the VPN Profile to your users. This emails the users with the VPN profile included as an attachment.
Once the user installs the VPN profile attachment on the device, all internet traffic on the mobile devices is encrypted end to end. The mobile device will be secured against all advanced threats regardless of where you are connecting from on Wi-Fi or other network. The mobile device is then secure against KRACK and its effects.
More on KRACK?
For additional details about KRACK from Department of Computer Science at the KU Leuven, check out: https://www.krackattacks.com/.
More on Comodo Dome Shield?
For additional details about Comodo Dome Shield, check out: https://cdome.comodo.com/shield/.