Storagepipe Is Now Thrive

Learn More

GridWay Is Now Thrive

Learn More

Cybersecurity

Attack of the Krack

Attack of the Krack
10.17.17
Cybersecurity
By: Chip Gibbons, CISO

Update: If you use Thrive Patching or you patched your windows machines last week, then you already are protected.

Yesterday came a new release of a Wi-Fi vulnerability in the name of KRACK or Key Reinstallation Attacks.  This can be particularly bad if compromised, the attacker can see the traffic on your Wi-Fi network.  The full paper from the writers is here: https://www.krackattacks.com

Let us break this down a little bit.  Within the WPA2 protocol, there is a 4-way handshake.  If one of those handshakes gets lost the access point resends it, assuming the packet got lost in transmission. By constantly asking for the 3rd packet in the handshake, the encryption key might be broken, which allows attackers to read the data that you are sending and receiving.

This is very much like being on the free Wi-Fi network at the airport or Starbucks.  If you live in the woods, then this might not be a huge deal to you, but if this is a highly secured network in a city, then you might be more concerned because you have a larger number of people that could potentially attack you.

If you are going to your bank website or other secure sites, then you are not in any danger. If you are on a VPN, then your channel is also secure and you don’t have to worry. (Don’t worry Alexa uses a secure channel so that data is safe also.)  Companies that send data in clear text, which is what many do internally, will need to make sure their machines are patched as soon as possible.

Since this is an ongoing situation, I am going to link a blog that is keeping track of all the hardware and software that has been patched.  https://char.gd/blog/2017/wifi-has-been-broken-heres-the-companies-that-have-already-fixed-it. It looks like most major vendors have a fix in the works or have already have patches available.

If you are a Thrive client with patch management your windows machines will be automatically patched for this vulnerability.  If you are not a Thrive client, contact us today to learn how we can help with your patch management.