[Promo] Romy PSA #2 - Sweeping Wi-Fi security flaw has left nearly every connected device at risk

Marshall Kass marshall at romy.com
Tue Oct 17 10:41:02 UTC 2017 

Hi Gotham:

Romy Computers Services is here to assist!

If you have business or family in South Florida, are re-locating or starting a new business (or know someone who is) and are in need of IT services (Home, SOHO or Small Business), please call (But ONLY if you want to provide them with quality services.)

If you have any questions or concerns regarding this announcement, please feel free to call or email me for more information (954) 341-0868

Marshall Kass
marshall at romy.com<mailto:marshall at romy.com>

Sweeping Wi-Fi security flaw has left nearly every connected device at risk

A WPA2 security flaw known as KRACK breaks down the common security protocol, leaving nearly every Wi-Fi-connected device at risk for data theft or hacking.

By Conner Forrest<http://www.techrepublic.com/meet-the-team/us/conner-forrest/> | October 16, 2017, 5:37 AM PST

Nearly all modern, protected Wi-Fi networks and the devices connected to them are now at risk of spying or malicious cyberattacks, thanks to a recently-discovered flaw in the WPA2 security protocol.
The flaw is referred to as KRACK, which stands for key reinstallation attack. It was originally detailed in a paper published<https://www.documentcloud.org/documents/4109401-KRACK-Attacks.html> by Mathy Vanhoef, a security expert at the Belgian university KU Leuven, and on this website<https://www.krackattacks.com/#intro>.
Because most modern networks use a form of WPA2 security, they are all at risk, the paper said. Additionally, "if your device supports Wi-Fi, it is most likely affected," Vanhoef wrote. And it's not just snooping that is at risk here-this flaw can also be used to inject ransomware and other forms of malware onto websites, the KRACK site noted.
The flaw itself exploits the four-way handshake procedure that is used to connect users to a Wi-Fi network. The handshake essentially determines that a device and access point have access to the same credentials, the website said, and creates an encryption key for all the traffic that will happen between them.
However, with the KRACK attack, a user can be tricked into installing an already-used key with its parameters reset. Because of this, attackers can intercept and decrypt client packets, potentially gaining access to sensitive information in the process.
According to the site, the following identifiers have been assigned to KRACL:
*         CVE-2017-13077
*         CVE-2017-13078
*         CVE-2017-13079
*         CVE-2017-13080
*         CVE-2017-13081
*         CVE-2017-13082
*         CVE-2017-13084
*         CVE-2017-13086
*         CVE-2017-13087
*         CVE-2017-13088
While nearly every connected device is at risk, a certain vulnerability in a Wi-Fi client commonly used on Linux makes it especially devastating to certain Android and Linux devices. Some 41% of Android devices, including those running Android 6.0 and above, have this vulnerability, that makes it "trivial to intercept and manipulate traffic sent by these Linux and Android devices," the website said.
Additionally, internet of things (IoT) devices could be hit very hard by KRACK attacks as well, Luta Security founder Katie Moussouris tweeted<https://twitter.com/k8em0/status/919701311880232960>.
According to the KRACK website, the researchers began notifying affected vendors on July 14, 2017. They then reached out to the US Department of Homeland Security's cyber-emergency unit US-CERT, which later sent out a notification to vendors on August 28, 2017.
While there haven't necessarily been any examples of this type of attack in the wild, users should still remain cautious as many devices have likely not yet been patched. For extremely sensitive data, consider forgoing Wi-Fi if at all possible. However, if you must use Wi-Fi, WPA2 is still preferable over WEP, the website noted.
Update: Security professionals are reminding enterprises<https://doublepulsar.com/regarding-krack-attacks-wpa2-flaw-bf1caa7ec7a0> that the vulnerability is patchable, and there is currently no publicly-available code to attack this flaw. In a statement to the Verge<https://www.theverge.com/2017/10/16/16481818/wi-fi-attack-response-security-patches>, Microsoft said that it has already issued a patch for the KRACK vulnerability, and Google has promised a patch in the coming weeks. A Linux patch is also available and a host of other organizations<https://char.gd/blog/2017/wifi-has-been-broken-heres-the-companies-that-have-already-fixed-it> have issued patches as well.
The 3 big takeaways for TechRepublic readers
1.   KRACK, a new key reinstallation attack, puts nearly every Wi-Fi device at risk of eavesdropping on its network traffic, according to researchers.
2.   The flaw tricks users into installing an already used security key, which can enable attackers to intercept and decrypt client packets, potentially stealing information.
3.   Android devices and IoT devices will be especially hard hit, but all devices on modern Wi-Fi networks will be at risk to some degree, researchers said.

If you have any questions or concerns regarding this email or content, please do not hesitate to call me any time.

Romy Computers takes your data very seriously.  We can provide both onsite and cloud backup services through a number of top-tier providers based on your needs.  Please call us if you are in need of a backup solution.

Marshall Kass


_______________________________________________________________________________
(R-O-M-Y The ONLY four-letter word that actually fixes your computer problems)

Marshall J. Kass
President
Romy Computer Services, Inc.
11217 NW 70th Court
Parkland, FL 33076
(954) 341-0868    (954) 557-7210 Cell   (754) 203-0219 Fax
marshall at romy.com<mailto:marshall at romy.com>
www.romy.com<http://www.romy.com/>
Send Me A File Securely<https://romycomputerservices.sharefile.com/r-r66fc9f96f7b4615a>

[Facebook]<https://www.facebook.com/RomyComputers>[LinkedIn]<http://www.linkedin.com/profile/view?id=23525461&trk=nav_responsive_tab_profile>

24/7/365
You can email, text to my cell (954) 557-7210, or try me via instant messaging at the following:

AOL/AIM - marshallkass
Yahoo - romy_computers
MSN - email address is marshall at romy.com<mailto:marshall at romy.com>


This transmission may contain important information that is proprietary, privileged, and/or confidential and is intended only for the personal and confidential use of the person(s) to whom it is addressed. Any use, copying retention or disclosure by any person other than the intended recipient or the intended recipient's designees is strictly prohibited. If you receive this message in error, please notify the sender immediately by return email or telephone and destroy all copies.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gothamnetworking.com/pipermail/promo_gothamnetworking.com/attachments/20171017/f1e0d71d/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 4195 bytes
Desc: image001.png
URL: <http://gothamnetworking.com/pipermail/promo_gothamnetworking.com/attachments/20171017/f1e0d71d/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 3967 bytes
Desc: image002.png
URL: <http://gothamnetworking.com/pipermail/promo_gothamnetworking.com/attachments/20171017/f1e0d71d/attachment-0001.png>

More information about the Promo mailing list