If you are reading this, you may have already heard about a new vulnerability that allows an attacker to decrypt and listen to your WIFI communication. This applies to all WPA2 implementations. Whether you use certificates, usernames/passwords or just a pre-shared key, this affects you at home and at work.
As the news cycle focuses on this attack, I would love to make this article a big "I told you so" and provide another shameless plug for IntelliGO, but alas, even though IntelliGO provides very strong EAP-TLS authentication, the attack still works.
This is because the vulnerable part is the wireless encryption negotiated by WPA2, not the authentication itself.
Aside: For those still trying to get up to speed and mitigate the risk of this attack, the short table below will help you find and fix the issue in your networks:
|Impact/How it Works|Affected Products|How to Fix|
|---|---|---|
|Allows attacker to decrypt traffic on any WPA2 Network and act as a man in the middle to listen to network communication. See Full Breakdown|Enterprise and Consumer grade routers and access points with WIFI standard implementation.|See Vendor docs for what to disable or what versions to upgrade to. A few here:|
So just patch and we're done?
No. Ultimately, I would like to keep beating a dead horse here. As good as patching this problem is, there are still many ways of performing this type of attack on your devices.
I have been doing some variation of this type of wireless hack as part of my presentations now for about five years. At the end of my talks, I would put up the "Wall of Shame" where all the audience members could see their device name and be horrified at the reality that is wireless security for most organizations. (Here I am in 2014 and again)
For the most part this would be some variant of me doing the same thing:
- Man-in-the-middle attack for Open-WIFI (Thanks Pineapple)
- Stealing passwords (Thanks Interceptor-NG)
- Cracking weak WI-FI encryption (Now thanks to Krackattack)
- Stealing Active Directory passwords through EAP-MSCHAP (Thanks everybody).
While that is fun and I usually get a laugh with the "It's not you it's me" joke near the end, I rarely get anything more than an angry audience member or a happy security analyst when I donate the hacking kit I just used.
So what do you suggest I do?
So, let us just accept the fact that if a device connects to Open, WPA or WPA2 WIFI, all information is intercepted. What do we do now?
Focus on the other layers protecting your users. I always tell people my password is "aaaaaa" because I want them to feel that it is a given that my password or keys are up for grabs.
That is how you should think about your wireless security, then your credentials security, and then your data. If I were to get access to your network and your password, what stops me from getting your data and using it?
Scanning for untrusted devices that are doing this? Using two-factor authentication on every application? Logging of all transactions to track this type of behavior? Hiring a team of people to watch the access for anomalies?
I am literally just listing IntelliGO features now.
Whether it is a new wireless hack, application vulnerability, firewall bypass, Azure flaw or credential leak affecting everyone, the process is still the same: test, monitor and mitigate. If you have any questions about the attack, please comment below and we will try to answer them.