Cybersecurity Alert: WPA2 Key Reinstallation Vulnerabilities
Guyana National Cybersecurity Incident Response Team (GNCIRT) confirms on Monday, October 16, a serious weakness in WPA2, a protocol that secures all modern protected Wi-Fi networks.
An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.
The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks.
Users are advised to be extremely cautious in their online activities.
- Install updates to affected products and hosts as they are available.
- Where possible, use Ethernet cables and connect directly into the network, rather than using Wi-Fi.
- Consider browsing the web with an extension or browser add-on like (HTTPS Everywhere) that forces any site to encrypt your communication with the website.
- The organization can urge their staff to use corporate VPN for any WI-FI connections. While end user can consider using personal VPN for their own personal use.
For further information and support, please contact GNCIRT at 222 4423 or firstname.lastname@example.org