We’ve known public Wi-Fi networks are vulnerable to hacking for a long time. But according to experts, the situation is a whole lot worse than anyone imagined.
It’s now believed that every Wi-Fi network in the world is vulnerable — or at least, every Wi-Fi network that uses either WPA or WPA-2 encryption, which is virtually all of them.
The cause? An exploit called “KRACK,” which is short for Key Reinstallation Attacks.
But what exactly is a KRACK attack? How does it work? Can it be fixed? And what can you do about it in the short term? Let’s take a closer look.
Why Are We Only Hearing About KRACK Attacks Now?
An excellent question.
Consider this: WPA and WPA-2 encryptions have been standard features of Wi-Fi networks since 2003. Until the KRACK revelations, nobody had cracked the encryption techniques.
Hahaha everyone's freaking out about this huge WPA2 vulnerability. Glad I stuck with WEP
— Terrible Networker (@BadAtNetworking) October 16, 2017
The encryption plays a vital role in networking. It secures the traffic between your router and your wireless device, thus ensuring nobody can spy on your actions or inject malicious code into the transfer.
Now its perfect record lies in ruins. And so too does the security of billions of Wi-Fi networks around the world.
The man responsible for the bombshell is Belgian security researcher Mathy Vanhoef. He discovered the flaw several months ago but kept it as a closely guarded secret until Monday 16th October 2017.
How Does a KRACK Attack Work?
Perhaps the most worrying aspect of KRACK is that it’s not focused on a particular range of devices or a specific type of security implementation. The issue affects the Wi-Fi protocol itself, and thus affects every internet-connected device you own.
WPA-2 encryption uses a “four-way handshake” to establish a device’s connection to the network. It’s this “handshake” that the KRACK attack targets.
The first two parts of the four-part process ensure the password on a device matches the Wi-Fi’s security key. The device and router communicate with each other, and if the credentials agree, the third part of the handshake initializes.
At this point, a new encryption key is generated. Theoretically, it’s designed to protect a user’s session by encrypting data frames. This is where the KRACK attack kicks into action. Vanhoef’s research shows a hacker can intercept and manipulate the new key.
The hack works because a router (or other access point) will try to retransmit the new key several times if it does not receive a response from the device. Because each retransmission uses the same encryption key, it resets the transmit packet number and receive replay counter.
An attacker can collect the messages and force the counters to reset. In turn, this allows the person to replay, decrypt, or forge packets.
TL;DR: KRACK allows an attacker to steal and use one of the encryption keys that Wi-Fi network security relies on.
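An added illustration, not part of the original article: a toy Python model of the counter reset described above and of why it lets traffic be decrypted or replayed. The `Client` class, the SHA-256 keystream and the sample values are hypothetical stand-ins for a real Wi-Fi client and WPA2's cipher; the `patched` flag models a client that ignores a retransmitted key it has already installed.

```python
import hashlib

def keystream(key, pn, n):
    # Toy stand-in for the WPA2 cipher: keystream depends only on (key, packet number).
    out, block = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + pn.to_bytes(6, "big") + bytes([block])).digest()
        block += 1
    return out[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class Client:
    """Hypothetical model of a Wi-Fi client's key state, not real supplicant code."""
    def __init__(self, patched):
        self.patched, self.key = patched, None
        self.tx_pn = self.rx_replay = 0   # transmit packet number, receive replay counter

    def on_handshake_msg3(self, key):
        # Patched clients ignore a retransmitted message 3 for the key already in use.
        if self.patched and key == self.key:
            return
        self.key, self.tx_pn, self.rx_replay = key, 0, 0   # (re)install resets both counters

    def send(self, plaintext):
        self.tx_pn += 1
        return self.tx_pn, xor(plaintext, keystream(self.key, self.tx_pn, len(plaintext)))

    def receive(self, pn, ciphertext):
        if pn <= self.rx_replay:
            return None                   # old packet number: rejected as a replay
        self.rx_replay = pn
        return xor(ciphertext, keystream(self.key, pn, len(ciphertext)))

def simulate(patched):
    key = b"constructed-session-key"      # constructed sample values throughout
    p1, p2 = b"first frame ....", b"second frame ..."
    client = Client(patched)
    client.on_handshake_msg3(key)
    pn1, c1 = client.send(p1)
    router_frame = (1, xor(b"data from router", keystream(key, 1, 16)))
    client.receive(*router_frame)
    client.on_handshake_msg3(key)         # retransmitted third handshake message
    pn2, c2 = client.send(p2)
    return {"pn_reused": pn1 == pn2,
            "keystream_reused": xor(c1, c2) == xor(p1, p2),
            "replay_accepted": client.receive(*router_frame) is not None}

if __name__ == "__main__":
    print("unpatched:", simulate(False), "patched:", simulate(True))
```

When `keystream_reused` is true, the XOR of the two encrypted frames equals the XOR of their contents, so anyone who knows or can guess one frame recovers the other without ever learning the key.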
What Can Hackers Do With KRACK?
Let’s start with the good news. KRACK attacks are difficult for hackers to deploy for one simple reason: they need to be within range of a Wi-Fi network to make it work. Unlike some other worldwide security flaws, like Heartbleed and Shellshock, the hacker cannot deploy a KRACK attack remotely.
Secondly, a hacker can only attack one network at a time. Let’s assume the would-be criminal sets themselves up in a Starbucks in downtown New York. They probably have hundreds of networks within range, but there’s no way to attack them all at once — at least, not without a van full of equipment.
As such, if cyber-criminals are thinking of launching a KRACK attack, the most likely targets are large hotels, airports, train stations, and other vast public networks with thousands of people logging on and off every day. Your home network is almost certainly safe.
The bad news? A KRACK attack has the potential to be devastating for the victim.
According to Vanhoef, “credit card numbers, passwords, chat messages, emails, photos [and more]” could be stolen. This leaves you vulnerable to monetary loss and identity theft. Some network configurations will even allow hackers to inject malware, ransomware, and spyware into websites you’re visiting and, by extension, your computer.
Can KRACK Be Fixed?
Yes, hardware manufacturers and software developers can patch and fix devices that are vulnerable to KRACK attacks. Microsoft and Apple were particularly quick off the mark — the Silicon Valley giants released beta patches on the same day the flaw was publicly announced. Google has said an Android patch will be forthcoming in the next few weeks.
Is anyone else annoyed that the WPA2 KRACK paper author sat on it for >2mos before any disclosure and 5mos before public disclosure?
— Hector Martin (@marcan42) October 16, 2017
However, these days we connect a lot more to our Wi-Fi than just laptops and phones. Sure, they might be the primary attack vectors, but you need to update everything from your router to your smart fridge. That takes a lot of time, and many of the companies behind the devices won’t be as responsive as Microsoft and Apple.
Your router is arguably the most critical device to update. If you’ve got an ISP-issued model, you need to start pestering the company for a patch as soon as possible.
For more information about whether your device already has a fix, check this list.
It seems like we might be waiting for a long time before we can definitively claim all our devices are secure. Here are some steps you can take in the meantime:
- Use Ethernet: Remember, KRACK doesn’t affect the web at large; it just targets Wi-Fi connections. If you have the option to connect to a network using an Ethernet cable, your device will be safe.
- Use cellular data on your phone: Similarly, when on mobile, just use your data plan rather than connecting to public Wi-Fi.
- Tether your phone: If you’re in public, it might be safe to use your phone’s tethering option rather than connect your laptop to a Wi-Fi network.
- Disable vulnerable Internet of Things (IoT) devices: Sure, you might not worry about a hacker getting access to your fridge’s data, but your smart security system is another story. Temporarily disable any highly sensitive IoT devices until a patch is available.
- Use a VPN: A VPN encrypts all your traffic, so although a hacker deploying a KRACK attack will be able to see it, they won’t be able to decode it.
Are You Worried About KRACK Attacks?
KRACK attacks are yet another reminder that we’re not as immune as we might like to think we are.
We can all make strong passwords, use services like LastPass, keep our firmware updated, and take other security precautions, but we’re ultimately at the mercy of the technology we use. If there’s a flaw in the technology, it doesn’t matter how security-conscious we are; we will be at risk.
Does the vulnerability worry you? How are you going to protect yourself? As always, you can leave all your opinions in the comments below.