October 26, 2017
What is the KRACKs Security Attack?
Researchers have published information about a serious weakness in WPA2, the security standard that protects all modern Wi-Fi networks. This security exploit take advantage of the four-way handshake that generate an encryption key for a connection to a wireless network.
Attackers can use this security flaw to obtain a copy of this key which will allow them to break through the encryption and see data that is being sent through the network. A major limitation to this exploit is that the attacker must be in the physical range of their target’s Wi-Fi.
What is WPA2?
WPA2 stands for Wi-Fi Protected Access II, and is the security protocol used to encrypt and protect data being passed through a Wi-Fi network. Its job is to only allow authorized devices to gain access to the network using a password.
What type of systems does it affect?
KRACKs affects potentially all major Wi-Fi enabled systems including Android, Linux, Apple, Windows, OpenBSD, MediaTek, and Linksys. It also affects all internet of things (IoT) devices, which include smart refrigerators, security camera, thermostats, security systems and more.
What can hackers do with this exploit?
Criminals can theoretically use the hack the decrypt data passed through the connections, which allows them to obtain sensitive data like usernames, passwords, account numbers, etc. Hackers would potentially also be able to insert their own code, installing malware, such as ransomware.
Will changing my Wi-Fi password help?
No. The exploit bypasses the password completely.
What can I do to prevent the exploit from being used on my network?
Update everything! Update your computer operating systems, software, phones, IoT devices, modems, routers, and anything else that is a Wi-Fi enabled device.
According to the U.S. CERT, about 100 major organizations who have products that were affected, were contacted before bringing the security flaw public. The companies have been working on updates and patches to seal the vulnerability. Some have already made the appropriate security updates.
What if my device hasn’t had an update lately?
Possible precautions that can make sure your network connection is secure is the following:
- Implement a virtual Private Network (VPN)
- Experts advice to only visit HTTPS-enabled websites. You can block non-HTTPS sites through most firewall programs.
Who is responsible?
Not one person or company is responsible. It was a flaw baked into the protocol when it was established and agreed on by the Wi-Fi Alliance, a tech industry organization.
Has the exploit been used by criminals?
No one really knows. The author of the research paper claims to have discovered it accidently. The scary thing is that many companies make hundreds of Wi-Fi devices including discontinued products. This can make it hard to update all Wi-Fi devices, especially in a timely manner. Another concern is that most wireless products like routers need to be manually updated. This is not a simple task for most people. Future technology is working on automatic updates but for now it is wise to take all precautions, especially if you have personal and sensitive information.
Interested in learning more on how to secure your company network and information? Contact Us!