KRACK Attack – Key Reinstallation Attack


A vulnerability named KRACK (Key Reinstallation Attack) has recently been discovered in the WPA2 key handshake used to secure Wi-Fi networks worldwide. It is exploited as a man-in-the-middle attack, whereby the key negotiation between a wireless client and an access point is manipulated so that an attacker can intercept the data communication.

Simply put, KRACK is a weakness in the WPA2 system that secures the Wi-Fi connection between an access point and a wireless client device (computer, laptop, phone, etc.).

While this should be considered a valid and serious threat to anyone using WPA2, the important point to keep in mind is that this particular attack is very difficult for an individual to execute and must be carried out under specific, and very likely noticeable, conditions. An attacker would have to be physically within Wi-Fi range to execute this interception, which, if successful, would allow them to eavesdrop on unencrypted (non-HTTPS) traffic and theoretically compromise your systems by injecting malware into, for example, an otherwise benign website.
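To show why a "reinstalled" key lets an eavesdropper read traffic, and what the vendor patches change, here is an added toy model (not code from this advisory or from Heavey RF). It stands in for WPA2's CCMP with a constructed SHA-256 keystream and a constructed PTK value; the Client class, run_scenario and the sample frames are illustrative names. The faithful part is the nonce handling: installing the pairwise key resets the packet number to zero, so a client that accepts a repeated message 3 reuses its keystream, while a client that refuses to reinstall a key it already has does not.

```python
"""Toy model of why a key reinstallation breaks WPA2 frame encryption.

Added illustration, not code from the advisory or from Heavey RF. WPA2's CCMP
is replaced by a constructed keystream (SHA-256 over key, packet number and a
block counter); the cipher is NOT real, but the nonce handling is the point:
installing the pairwise key resets the packet number to zero.
"""
import hashlib
from typing import Dict, Optional, Tuple


def keystream(key: bytes, packet_number: int, length: int) -> bytes:
    # Stand-in for a nonce-based stream cipher. Each (key, nonce) pair must be
    # used only once, exactly as with CCMP/GCMP in WPA2.
    out = b""
    block = 0
    while len(out) < length:
        out += hashlib.sha256(
            key + packet_number.to_bytes(8, "big") + block.to_bytes(4, "big")
        ).digest()
        block += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Client:
    """Wi-Fi client state around message 3 of the 4-way handshake (simplified)."""

    def __init__(self, patched: bool):
        self.patched = patched
        self.ptk: Optional[bytes] = None
        self.packet_number = 0  # transmit nonce; reset to 0 whenever a key is installed

    def handle_message3(self, ptk: bytes) -> None:
        # Message 3 instructs the client to install the pairwise key (PTK).
        # Mitigation: a key that is already installed is not installed again,
        # so a retransmitted or replayed message 3 cannot reset the nonce.
        if self.patched and self.ptk == ptk:
            return
        self.ptk = ptk
        self.packet_number = 0

    def encrypt(self, plaintext: bytes) -> Tuple[int, bytes]:
        assert self.ptk is not None, "no key installed"
        pn = self.packet_number
        self.packet_number += 1
        return pn, xor(plaintext, keystream(self.ptk, pn, len(plaintext)))


def run_scenario(patched: bool) -> Dict[str, object]:
    """Send one frame, deliver message 3 a second time, send another frame.

    Returns both packet numbers and whether XORing the two ciphertexts yields
    the XOR of the two plaintexts, which happens only when keystream is reused.
    """
    ptk = hashlib.sha256(b"constructed demo PTK").digest()  # constructed value
    client = Client(patched)
    client.handle_message3(ptk)
    frame1 = b"GET /account HTTP/1.1   "  # constructed sample frames
    frame2 = b"POST /login HTTP/1.1    "
    pn1, c1 = client.encrypt(frame1)
    client.handle_message3(ptk)  # message 3 arrives again
    pn2, c2 = client.encrypt(frame2)
    leaked = xor(c1, c2) == xor(frame1, frame2)
    return {"pn1": pn1, "pn2": pn2, "keystream_reused": leaked}


if __name__ == "__main__":
    for patched in (False, True):
        print("patched" if patched else "vulnerable", run_scenario(patched))
```

Running it prints the vulnerable client using packet number 0 twice with keystream_reused True, and the patched client using 0 then 1 with keystream_reused False. The practical takeaway for the advice that follows is that the fix lives in the client and access-point software, so it is the firmware and driver updates from your suppliers, not a Wi-Fi password change, that close this gap.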

How does my business protect itself?

Be aware of visitors or anyone unfamiliar on your premises, to prevent unauthorised use of personal devices such as mobile phones, other handhelds and laptops.

Restrict visitors’ access to your business’ Wi-Fi network.

Contact all of the providers of your business’ wireless network (access point providers as well as client providers) to understand your risk level and whether they have a plan in place to address this issue.

Heavey RF and their partners are currently working on a security update for fast roaming (802.11r) and it will be released as soon as possible. If you suspect that the solution Heavey RF has provided you may be vulnerable, we encourage you to contact us immediately. In the meantime, we are reviewing all of our customers’ solutions to proactively ensure that they are not at risk.

As more information becomes available, we will immediately provide updates via our website and in communications to our customers.

For more information on the KRACK attack please see the website related to the discovery below.