Major Wi-Fi Vulnerability – WPA2 "Cracked"

Security

17/10 2017


Parts of WPA2, the most common Wi-Fi protocol, have been cracked, and this affects all modern Wi-Fi setups. The vulnerability means that an attacker within range of the Wi-Fi network can hijack the encryption keys and eavesdrop on much of the traffic. To some extent, traffic can also be redirected to fake sites, and where sites are less well configured, passwords and the like can be obtained in plaintext. In a demonstration video, they show the attack being carried out in less than 5 minutes.

This attack is called KRACKATTACK: https://www.krackattacks.com/

Microsoft released patches for its clients on the 10th, so make sure your computers are up to date.

Apple: the patch is in beta, awaiting official release.

Android – Google will release a patch in the coming weeks!

If you have Wi-Fi at home, we strongly recommend that you contact your provider and ask them for an update for your home router/access point.

IT-Mästaren updates the hardware and operating systems that you have as a service from us.

 

CERT-SE strongly recommends checking for updates for your products and operating systems and installing them promptly.
Until that is done, there is of course the option of turning off Wi-Fi on phones and using a mobile data connection instead. Use a wired connection for computers.
If you must use a vulnerable Wi-Fi connection, browse only to websites that use HTTPS. Do not click past warnings about insecure HTTPS certificates.

https://www.cert.se/2017/10/wpa2-krypto-for-wifi

In some cases, a script can also force a connection to bypass HTTPS, exposing usernames, passwords and other critical data.
… and were able to decrypt all the victim's transmitted data. They point out that this will "not work on a properly configured HTTPS site," but will work on a "significant fraction" that are poorly set up.
 
https://www.engadget.com/2017/10/16/wifi-vulnerability-krack-attack/

[MICROSOFT] While some vendors were scrambling to release updates to fix the KRACK Attack vulnerability released today, Microsoft quietly snuck the fix into last week's Patch Tuesday. While Windows users were dutifully installing October 10th's Patch Tuesday security updates, little did they know they were also installing a fix for the KRACK vulnerability that was not publicly disclosed until today. This fix was installed via a cumulative update that included over 25 other updates, but didn't provide any useful info until you visited the associated knowledge base article.
https://www.bleepingcomputer.com/news/security/microsoft-quietly-patched-the-krack-wpa2-vulnerability-last-week/

 

[APPLE] The exploits have been addressed in the iOS, tvOS, watchOS, and macOS betas that are currently available to developers and will be rolling out to consumers soon.
https://www.macrumors.com/2017/10/16/krack-wifi-vulnerabilities-patched-apple-ios-macos/

 

Router vendors that have issued KRACK patches

As mentioned in Hildenbrand’s article, the best way to protect yourself from this exploit is to not use Wi-Fi at all until a proper fix has been proven. CERT has released notes on the KRACK problem, including a list of vendors whose equipment is vulnerable.

Some security-minded companies have already worked on fixes and are offering patches. Check back often, as we will keep this list updated.

There are also a number of vendors listed as "Not affected" on the CERT website without further explanation from the vendors themselves. These include:


 

https://www.windowscentral.com/vendors-who-have-patched-krack-wpa2-wi-fi-vulnerability

https://www.bleepingcomputer.com/news/security/list-of-firmware-and-driver-updates-for-krack-wpa2-vulnerability/