News broke recently that a security weakness has been found in WPA2.
Affectionately known as “KRACK” attacks, these flaws in the security of WPA2-protected Wi-Fi signals allow the attacker to access information being transmitted between a computer and access point. Even if the data is thought to be safely encrypted, the proverbial “KRACK-en” can still access data, including user logins to various accounts, credit card information, and other information that an end user may put into a website. It could also be used, in some cases, to inject malware into websites that could then be transmitted to the user’s PC through Wi-Fi.
Release the KRACK-en
KRACK is more than just a silly name for these attacks. It is an acronym, standing for Key Reinstallation Attacks. When a computer, cell phone, or other device attempts to connect to a Wi-Fi network, a key is given to the device from the access point in what Mathy Vanhoef, in his article “KRACK Attacks: Breaking WPA by Forcing Nonce Use,” describes as a “four-way handshake.” During the handshake, a key is created for the user that is supposed to encrypt all data coming in and out of the connection. In theory, each key is installed and used once and only once. Vanhoef’s research found that WPA2 does not always guarantee this.
The attacker is able to manipulate and reuse an encryption key, which is what allows them to access the information that is being encrypted through the connection. Whenever a key is installed for use, the parameters associated with the protocol are all reset to their initial values. This all takes place in “message 3” of the four-way handshake. The attacker is able to resend message 3 to the user, forcing the encryption key to be reinstalled and the aforementioned parameters to be reset. Once that happens, the encryption protocol can be attacked, and the packets being transmitted can be replayed or decrypted by the attacker.
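The effect of that reset can be shown with a small model (an added example, not code from the original article or from Vanhoef's research). It assumes a toy keystream cipher built from SHA-256 standing in for WPA2's real cipher, a hypothetical `Client` class, and constructed frames; the patched variant ignores a repeated message 3 that carries the key already in use.

```python
import hashlib

def keystream(key: bytes, nonce: int, length: int) -> bytes:
    """Toy keystream: depends only on (key, nonce), as in any counter-style cipher."""
    out, block = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce.to_bytes(6, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Client:
    """Hypothetical, simplified Wi-Fi client: one key and one transmit nonce."""
    def __init__(self, patched: bool):
        self.patched, self.key, self.nonce = patched, None, 0

    def receive_message3(self, key: bytes) -> None:
        # Patched behaviour: a repeat of the key already in use changes nothing.
        if self.patched and key == self.key:
            return
        self.key, self.nonce = key, 0   # installing a key resets the nonce

    def send(self, plaintext: bytes):
        self.nonce += 1
        return self.nonce, xor(plaintext, keystream(self.key, self.nonce, len(plaintext)))

# Constructed sample frames of equal length.
P1, P2 = b"first frame data", b"other frame data"

def replay_message3(patched: bool) -> dict:
    """Send a frame, receive message 3 again, send a second frame."""
    key = b"constructed-session-key"
    client = Client(patched)
    client.receive_message3(key)
    n1, c1 = client.send(P1)
    client.receive_message3(key)        # message 3 arrives a second time
    n2, c2 = client.send(P2)
    # If the nonce repeated, both frames used the same keystream, so it cancels:
    # c1 XOR c2 == P1 XOR P2, and knowing one plaintext exposes the other.
    return {"nonces": (n1, n2), "leak": xor(c1, c2)}

if __name__ == "__main__":
    for patched in (False, True):
        r = replay_message3(patched)
        print("patched" if patched else "unpatched", r["nonces"],
              "keystream reused:", r["leak"] == xor(P1, P2))
```

With the unpatched client both frames go out under nonce 1 and the keystream cancels; with the patched client the nonce keeps counting and the two ciphertexts reveal nothing about each other.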
What to Do
KRACK attacks are a big scare right now, since anyone using WPA2 protection, the default on many access points, is at risk of an attack. It’s simple, primitive and effective. But what can you do to prevent your data from being accessed? What can you do to protect yourself?
Right now, the best thing to do is keep all devices (including all computers, cell phones, tablets, routers, etc.) updated and install new updates as soon as they come out. The flaw is being worked on, and a patch should be available for most major hardware soon. Time Magazine’s article “Krack Attack: Everything to Know About the WPA2 Wi-Fi Flaw” also recommends that users update the firmware on their routers when possible.
As mentioned, the scare is imminent, but there are patches being rolled out every day to combat this flaw.