
Alexia Sailer


Vulnerability in WPA2 WLAN security protocol: the facts


Researchers at KU Leuven have published a weakness in the WPA2 security protocol, which is currently used by all manufacturers to secure wireless networks (WLAN), under the codename Krack (short for "key reinstallation attack").

The most important findings, hints and tips in brief:

  • The Speedport series of Deutsche Telekom routers is not affected by the vulnerability in the WPA2 security protocol for WLAN.
  • The potential attacks do not completely break down the security of the WPA2 standard.
  • A successful Krack attack is only possible if the attacker is in the direct vicinity of a WLAN with vulnerable components.
  • Krack does not expose you to general vulnerability over the Internet.
  • According to the latest information, WLAN access points (such as WLAN routers) are only affected if they support the WLAN features "fast roaming" (standard 802.11r) and "WLAN mesh network" (standard 802.11s).
  • Deutsche Telekom is reviewing which of our products, if any, are affected by the Krack vulnerability. Our suppliers are currently analyzing the security of their WLAN components. We will provide information promptly about which Deutsche Telekom products are affected by Krack.
  • Updates for the affected products will then be provided quickly and, where possible, distributed to the devices automatically.
  • Deutsche Telekom currently estimates the risk of falling victim to a Krack attack to be low. To achieve absolute security, however, WLANs would have to be shut down completely.
  • Additional security protocols, such as the HTTPS protocol for surfing the web or VPN connections, are not affected by Krack. Therefore, the transfer of confidential data to Deutsche Telekom services, such as T-Online e-mail, is still protected.
  • We currently assume that our WLAN routers are not affected by this vulnerability at all, or only in a very limited manner, because our devices do not implement the WLAN standards of the affected access points.
  • According to the latest information, devices with Android operating system version 6 and certain Linux operating system versions are particularly affected. Devices with the Windows operating system, macOS or iOS have limited vulnerability.
  • Check regularly whether software updates are available for your WLAN-enabled devices and install available updates promptly.

In detail:

All Deutsche Telekom products with WLAN function support WPA2. Our WLAN access points come preconfigured with WPA2 and a secure WLAN password as their security mechanism.

Krack attacks are made possible by inaccuracies in the WLAN specifications and generally affect all manufacturers of WLAN-enabled devices. The potential attacks do not completely break down the security of the WPA2 standard, however. Instead, it is possible under certain conditions to fool individual WLAN security mechanisms: a successful attacker could read the communication from a computer or smartphone in a WLAN or even manipulate it; neither should be possible with WPA2 and WLAN encryption.

A successful Krack attack is only possible if the attacker is in the direct vicinity of a WLAN with vulnerable components, however. Therefore, Krack does not expose you to general vulnerability over the Internet. Whether a device with WLAN function is vulnerable depends on its operating mode, settings and implemented WLAN functions.

Krack primarily affects WLAN-enabled devices that log in to an existing WLAN network, such as smartphones, tablets, PCs, smart TVs or WLAN repeaters to boost WLAN range.
According to the latest information, WLAN access points (such as WLAN routers) are only affected if they support the WLAN features "fast roaming" (standard 802.11r) and "WLAN mesh network" (standard 802.11s).

As soon as the vulnerability was published, Deutsche Telekom launched a review of which of our products, if any, are affected by the Krack weakness. Our suppliers are currently analyzing the security of their WLAN components. We will provide information promptly about which Deutsche Telekom products are affected by Krack. Updates for the affected products will then be provided quickly and, where possible, distributed to the devices automatically.

In the following, we have compiled several questions and answers to help you classify the WPA2 vulnerability:

  1. Does the WPA2 vulnerability mean I have to change my WLAN password?
    No, changing the WLAN password will not prevent a Krack attack. Moreover, according to current information, a Krack attack will not compromise a WLAN password. To close the WPA2 vulnerability and thus prevent Krack attacks, software updates will have to be installed on the affected WLAN devices.
  2. Do I have to shut off my WLAN to prevent theft of all my personal data?
    Although Krack attacks can be reliably prevented by shutting down WLAN, Deutsche Telekom estimates that the risk of falling victim to a Krack attack is not high enough to justify this measure.
    Additional security protocols, such as the HTTPS protocol for surfing the web or VPN connections, are not affected by Krack. Therefore, the transfer of confidential data to Deutsche Telekom services is still protected. When you retrieve your e-mail from t-online.de, for example, it will remain private despite the WPA2 vulnerability.
  3. Are Deutsche Telekom Speedport routers affected by the WPA2 vulnerability?
    The WPA2 vulnerability primarily affects devices that log in to a WLAN. Nonetheless, our suppliers are currently reviewing which Speedport routers, if any, might be affected by the WPA2 vulnerability. We currently assume that our WLAN routers are not affected by this vulnerability at all, or only in a very limited manner, because our devices do not implement the WLAN standards of the affected access points.
    If we identify any affected Deutsche Telekom devices, we will provide more information promptly.
  4. Which devices are affected by the WPA2 vulnerability, according to current information?
    According to the latest information, devices with Android operating system version 6 and certain Linux operating system versions are particularly affected. Devices with the Windows operating system, macOS or iOS have limited vulnerability.
  5. When will software updates be provided for affected Deutsche Telekom devices?
    As soon as we identify which Deutsche Telekom devices, if any, are affected by the WPA2 vulnerability, we will provide additional information. In this context, we will also indicate when software updates will likely become available.
    If affected Deutsche Telekom devices support automatic software updates, we will distribute the updates to close the WPA2 vulnerability automatically. We therefore recommend, for example, activating the "Easy Support" feature on our Speedport routers.
  6. What can I do as a user to avoid falling victim to a Krack attack?
    Although Krack attacks are currently considered highly unlikely, if you want to be entirely certain, you will have to deactivate your WLAN. Please note, however, that we currently estimate that the risk of falling victim to an attack is very low. Check regularly whether software updates are available for your WLAN-enabled devices and install available updates promptly.
    We assume that many manufacturers will provide updates in the coming days and weeks to close the WPA2 vulnerability and thus prevent Krack attacks.