A security flaw in WPA2, the security protocol for most modern WiFi systems, could allow an attacker to steal sensitive data including emails, credit card numbers and passwords, Researchers at Belgian university KU Leuven reported Monday.
Depending on the network configuration, the flaw also could allow an attacker to inject or manipulate information in the system — for example, inject ransomware or other malware into websites being used.
The weakness is in the WiFi standard itself, not in any particular products or implementations, so this impacts just about any correct implementation of WPA2, explained Mathy VanHoef, a postdoc researcher in the university’s imec-DistriNet Research Group, who together with Frank Piessens, a DistriNet professor, discovered the flaw.
A series of vulnerabilities were found in Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys and other systems, the researchers said. In order to fix the problem, users need to update affected products as soon as patches become available.
The research will be presented at the ACM Conference on Computer and Communication Security, which will take place Oct. 30 to Nov. 3 in Dallas, and at the Black Hat Europe conference in December.
Microsoft released security updates a week ago, and customers who have Windows Update enabled or otherwise have applied the updates are protected, the company said in a statement provided to TechNewsWorld by spokesperson Rachel Martinez.
The company withheld disclosure of the flaw to allow other vendors time to develop and release updates, it said.
As a proof of concept, the DistriNet researchers executed a key reinstallation attack (KRACK) against an Android smartphone, noting that Linux and Android 6.0 or higher were particularly vulnerable. Both operating systems can be tricked into reinstalling an all-zero encryption key.
The main attack is against the four-way handshake of the WPA2 protocol, the researchers said. The handshake takes place when a user wants to join a protected WiFi network and the protocol is used to confirm that the client and access point have the correct credentials.
The attacker manipulates and replays the cryptographic handshake message. When the victim reinstalls the key, the incremental transmit packet number and the receive packet number are reset to their initial values.
“How it works is technically complex,” said William Malik, vice president for infrastructure strategies at Trend Micro.
“The easy answer is the attacker gets the access point to rebroadcast part of the initial handshake, analyzes that information, and then the attacker can intercept the rest of the conversation,” he told TechNewsWorld.
During the handshake, the device and access point set up and agree on an initial encryption key, Malik said.
Users should install recommended updates from end device and network equipment manufacturers, Kevin Robinson, vice president of marketing at the Wi-Fi Alliance, told TechNewsworld.
The alliance has taken immediate steps to address the issue, and it now requires testing for the vulnerabilities within its global certification lab network. The alliance has provided a vulnerability detection tool for its members’ use.
The vulnerabilities can be lumped into two categories, according to the International Consortium for the Advancement of Cybersecurity on the Internet. In one, attacks would affect wireless endpoints as “supplicants.” In the other, attacks would affect wireless infrastructure devices as “authenticators.”
Depending on the device configuration, exploiting these vulnerabilities could allow unauthenticated attackers to perform packet relay, decrypt wireless packets, and potentially forge or inject packets into a wireless network, ICASI said.
Members including A10 Networks, Amazon, Cisco Systems, IBM, Intel Corp., Juniper Networks, Microsoft, Oracle and VMWare were notified.
Fundamental flaws that impact all Web users, like KRACK, are “incredibly rare” but not unprecedented, said Rich Campagna, CEO of security firm Bitglass.
The Heartbleed vulnerability, which surfaced in 2014, is another example of a flaw that had widespread impact across the spectrum, he told TechNewsWorld.
An attack exploiting the WPA2 flaw would require an adversary to be close to the target, noted Gaurav Banga, CEO of Balbix.
“Remember that many public networks are wide open anyway, and enterprises expect TLS (HTTPS) and VPNs to provide the real protection, even if WiFi is open wide,” he told TechNewsWorld. “Perhaps this is why the vulnerability disclosure was not taken very seriously until this week.”