Published: 20/10/17 by Peter Bassill
Every week we go deep into the info-sec mountain and go mining for nuggets. Those gem like pieces of information that can help make the world a better place. In my first post on nuggets, there is much to reflect on.
This week we took the KRACK Attack to heart. The question posed was how long would it take to create a viable exploit to take advantage on the vulnerability and do what has been demonstrated in the current online videos. First off we covered what the KRACK Attack is in Matthews excellent article on the issue here. Taking the vulnerability apart and building an exploit for it was enlightening. It certainly wasn’t simple and we ran into many blocks but then it wasn’t exactly hard either. All in all, it took a couple of hours over two days of coding to create a working exploit. The KRACK Attack gave us two nuggets for the week:
Nugget 1: Keep your systems AND you hardware appliances patched.
Nugget 2: 22 hours of end to end coding was all that was required to create a working exploit, and it wasn’t exactly hard.
Time and time again we see people falling foul of a ransomware attack. More often than not the attack is initiated through a phishing email. In this weeks case, the user simply opened a word attachment and clicked on the “enable macros” button to view the data. The attack was nicely put together and within minutes the malware was on the target machine encrypting the electronic data. Thankfully the client had offline backups to fall back on and the incident was contained to the single user.
Nugget 3: Offline backups really do save you.
Nugget 4: Awareness training, done properly (not boring online Q&A slides) will help prevent users from doing something silly.
Time and time again we come across bad password habits. Passwords do not need to be hard to remember, they just need to be suitably long and the longer they are the less frequently you need to change them.
Nugget 5: Use passphrases, long phrases that you can remember easily.
That is it for this week. Until next week, stay safe out there on the internet.
10th Floor, 3 Hardman Street
1st Floor, 138a Main Street