What’s KRACKing at HPE Aruba
Posted October 24, 2017 by Joel Grace
Everything you need to know about KRACK(Key Reinstallation Attacks)
What is it?
Mathy Vanhoef, a technical security researcher, found what we are now calling “KRACK” to be a devastating security flaw in the relatively “secure” standard for wireless networks WPA. KRACK allows for attackers to eavesdrop on your personal data when authenticating to an access point. That’s right, your credit card, personal information, passwords, and photos could all be at risk. For businesses, this could be sensitive financial data, HIPAA, PCI, or HR data. It’s also important to know that KRACK doesn’t just affect some wireless products, but all that use the WPA protocol for authentication.
When a client attempts to authenticate to a wireless network using WPA/WPA2, there is a four-way authenticate process that is initiated. KRACK attacks the thirds step in the process in which the encryption key can be sent multiple times. If an attacker is using KRACK, it can collect those retransmissions and the encryption can be broken.
What to do?
Most companies are taking great initiatives by releasing patches and updates quickly to protect against the possibility of an attack. If you haven’t done so already, we highly recommend updating all wireless access points to the vendor recommended version.
Here’s a list of the recommended software versions Aruba customers should install to protect against the KRACK vulnerability:
Clarity Engine: 184.108.40.206.
Aruba 501 Client Bridge
AirMesh MeshOS: 220.127.116.11.
More detailed information can be found at the HPE Aruba website:
Sayers is an HP Aruba Platinum partner with on-staff Aruba and security experts. If you have questions about KRACK or remediation steps, feel free to contact Sayers at firstname.lastname@example.org and an engineer will call you.