Vulnerabilities in wireless networks have always worried information technology administrators. It is well known that devices evolve rapidly in data transmission speed, manageability, configuration and security, and it is also known that these changes bring certain vulnerabilities along the way. History has shown us how wireless authentication protocols such as WEP and WPA are susceptible to different attacks, some more elaborate than others but equally effective. These attacks have been based on brute force and packet injection.
Exploiting the vulnerabilities found in the WPA2 protocol allows certain risks to materialize that were not on our radar before, because we thought the protocol was the safest thing to use. Nevertheless, it is an obsolete protocol: it was developed more than 10 years ago, and the computing power and tools we have today make it weaker and erode the credibility it holds. Allowing an attacker to access our Wi-Fi connection brings plenty of issues of its own, affecting our security from the point of view of confidentiality, integrity and availability. It could reveal secrets that we should keep internal, and it could also allow changes to aspects of our operations and business logic, thus affecting our productivity.
Imagine that the settings of our Wi-Fi network allow an attacker to reach our network segment, where we also keep information about our company: rates, costs, providers, clients, formulas and other secrets valuable to our competition. The attacker could even modify accounts receivable or payable, public service rates, or any other information whose alteration could cause a collapse or, going even further, lead the company to bankruptcy.
This past October 16, the United States Computer Emergency Readiness Team (US-CERT) alerted us to this new vulnerability. It is a concerning threat for platform administrators because every company has devices that use this authentication mechanism. So then… what do we do now?
The radical solution begins with updating the firmware of the devices, looking for these updates on the respective software manufacturers' websites. This is in addition to the updates that certain OS vendors offer, such as Windows, whose update is delivered through Windows Update and is a countermeasure against this type of vulnerability. We recommend carrying out security audits and internal and external vulnerability analyses to determine the level of risk our technology infrastructure is exposed to, with the final purpose of developing mitigation plans that increase the reliability of business continuity, and of training our personnel to understand their role and know how to react when facing a technology incident of this nature.