Wi-Fi at risk from KRACK attacks - here's what to do

Vanhoef writes that if your device supports Wi-Fi, it's probably affected.

A vulnerability in the WPA2 protocol allowing attackers to read encrypted information transmitted over Wi-Fi was discovered by Mathy Vanhoef, a post-doctorate researcher at KU Leuven.

The attack exploits a vulnerability in the four-way handshake that's employed when a client joins a wireless network.

In the meantime, users could also turn off Wi-Fi on their devices and use either mobile data or wired ethernet connections to reduce their WPA2 risks, Iron Group CTO Alex Hudson said yesterday on his personal blog. Every network-capable device has a hard-coded, unique "media access control" or MAC address, and most Wi-Fi routers have a feature that lets you only allow access to your network for specified MAC addresses.

Plus, notes Niemelä, even if a hacker was parked in front of your home, they would only be able to meddle with your web traffic if you're not using a secured connection: either HTTPS, shown by the little green lock in your browser, or a VPN, a virtual private network that creates a protected tunnel for your web traffic.

Android 6.0 and Linux have been considered most vulnerable to KRACK attacks, with nobody able to be confident of security until providers issue patches that tackle the problem.

Android devices are trickier.

Cisco, Intel and Samsung were among the companies whose products were affected but have since updated their devices. Ubuntu maker Canonical has also released updates for Ubuntu 17.04, Ubuntu 16.04 LTS, and Ubuntu 14.04 LTS. However, that can be hard on mobile apps.

Vanhoef said that it was "trivial" to intercept Android data and that 41% of devices running the OS are at risk from one variant of his key reinstallation attack. As such, if an attacker retransmits part of the handshake, the library will reinstall the cleared key, effectively replacing the key with a blank one.

Simply put, if you ever used open Wi-Fi access points (or Wi-Fi access points where the password is widely known, e.g. printed on the menu or handed out by the barista), you were already living in a world where at least some of your network traffic could be sniffed out at will by anyone. "Additionally, it is possible to recover the authentication key, which in GCMP is used to protect both communication directions [as client or access point]...therefore, unlike with TKIP, an adversary can forge packets in both directions". We show that an attacker can force these nonce resets by collecting and replaying retransmissions of message 3 of the 4-way handshake. The attackers can easily capture and decrypt the data as per the demonstration.
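The nonce reset described above can be modelled in a few lines. This is an added illustration, not code from Vanhoef's paper or from any vendor patch: the `Supplicant` class, the function names and the sample key and frames are constructed, and a SHA-256 keystream stands in for the real CCMP/GCMP cipher. It compares a client that reinstalls the key on every copy of message 3 with one that ignores a retransmission carrying the key already in use.

```python
import hashlib

def keystream(key: bytes, nonce: int, n: int) -> bytes:
    # Toy counter-mode keystream; SHA-256 stands in for the AES used by CCMP/GCMP.
    out, block = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce.to_bytes(8, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Supplicant:
    # Hypothetical client model, not code from any real Wi-Fi stack.
    def __init__(self, patched: bool):
        self.patched = patched
        self.key = None
        self.nonce = 0
        self.used = []  # every (key, nonce) pair that has encrypted a frame

    def on_message3(self, key: bytes) -> None:
        # Patched: a retransmitted message 3 with the key already in use is not reinstalled.
        if self.patched and key == self.key:
            return
        self.key, self.nonce = key, 0  # install the key and reset the nonce

    def send(self, plaintext: bytes) -> bytes:
        self.nonce += 1
        self.used.append((self.key, self.nonce))
        return xor(plaintext, keystream(self.key, self.nonce, len(plaintext)))

def run_session(patched: bool):
    key = bytes(range(16))  # constructed session key
    p1, p2 = b"constructed frame one", b"constructed frame two"
    client = Supplicant(patched)
    client.on_message3(key)
    c1 = client.send(p1)
    client.on_message3(key)  # retransmitted message 3 arrives again
    c2 = client.send(p2)
    nonce_reused = len(set(client.used)) != len(client.used)
    # With a reused nonce the keystream cancels: c1 XOR c2 equals p1 XOR p2.
    keystream_cancels = xor(c1, c2) == xor(p1, p2)
    return nonce_reused, keystream_cancels

if __name__ == "__main__":
    print("unpatched:", run_session(False))
    print("patched:  ", run_session(True))
```

The `nonce_reused` check is the invariant a patched client has to preserve: no (key, nonce) pair ever encrypts two frames.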

The United States Computer Emergency Readiness Team has issued a warning about a new attack that affects Wi-Fi networks using the commonly-used WPA2 protocol. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs).

A criminal using KRACK could theoretically sit in a parking lot outside a retailer and hop on a Wi-Fi network to download a stream of credit card numbers.

A video showing a technical explanation of the attack on YouTube explains how it is "exceptionally devastating" against Android phones, which can be "tricked" into installing an empty encryption key.
