What is it?
The attack is called a Key Reinstallation Attack, or “KRACK” for short (nerds love a tortured acronym as much as the next person). This attack takes advantage of a flaw in the handshake that Wi-Fi devices use to establish trust between one another. This is an important note; the flaw is within the standard itself and not particular products.
Whom does it affect?
The short answer is almost everyone. The flaw is present in WPA and WPA2 security protocols which, as luck would have it, are about as universal as a protocol can be. If your device supports Wi-Fi, it is most likely affected.
What can it do?
Taken directly from the researchers that discovered the flaw, “Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on.” This vulnerability can also make a network susceptible to the injection of ransomware and other malware. Luckily, exploiting this flaw requires proximity. An attacker needs to be close enough to be able to pick up on the Wi-Fi signal of the targeted network.
What can you do?
If you are a managed client of IRIS, rest assured that we are working behind the scenes, installing patches as they become available and monitoring the situation closely.
As of the writing of this article (October 18th, 2017), Microsoft has already issued a patch for supported Windows operating systems and Apple has released updates for macOS, iOS, watchOS, and tvOS. Google is “aware of the issue, and we will be patching any affected devices in the coming weeks.” For cell phones and home computers, we recommend checking for and applying updates as soon as possible.
Have more questions? You can always contact CharSec for more info.