The group of cybersecurity experts has recently found the greatest and unprecedented vulnerability in the security of Wi-Fi networks. The most popular security protocol for WI-FI networks – the WPA2 protocol appears to be the weak link.
What is KRACK?
New vulnerability called KRACK allows hackers to intercept and steal passwords, monitor user actions on the Internet and replace messages or data.
A joint group of cybersecurity researchers from the University of Leuven, Huawei Technologies, and the University of Birmingham, presented their work called: Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2, which is shortly called KRACK.
These newly discovered WPA2 vulnerabilities allow hackers to bypass protection and “listen” for Wi-Fi traffic between the access point and the device. Virtually all devices connected to Wi-Fi are in danger. So the risk extends not only to your computers, mobile phones, laptops, and tablets but to your smart TV, smart refrigerator, and even your smart lock.
KRACK gives hackers an opportunity to perform a man-in-the-middle attack and push network members into reinstalling the encryption keys that protect WPA2 traffic. In case networks are configured to use GCMP or WPA-TKIP protocols, attackers can not only listen for WPA2 traffic but also inject packets into victim data.
Even though all the major manufacturers of Wi-Fi routers and other devices were informed of the vulnerabilities of the WPA2 protocol more than six months ago, most of them have not been able to find and implement solutions to address the issue. It means that most devices using Wi-Fi networks are still vulnerable.
Although security researchers do not have any pieces of evidence that this vulnerability was ever used by hackers, we still need to exercise the best security practices to stay safe.
What can you do to protect your personal data?
- A password reset trick, in this case, cannot prevent the possibility of an attack. Researchers advise making sure that the router uses the latest firmware version. Check for the presence/absence of a patch for a specific vendor here, or on the manufacturer’s homepage.
- Do not use sites that are not secured by SSL encryption. Websites protected by SSL encryption always start with https: //
- Avoid public Wi-Fi at all costs. For example, McDonald’s, hotels, airports are the most likely places to attack the device.
- Use a VPN on all of your devices: Mac, Windows or even on your Wi-Fi router.
- Use a wired connection if your device includes a jack to connect an Ethernet cable. This exploit only affects 802.11 traffic between the Wi-Fi router and the connected device.
David Balaban is a computer security researcher with over 15 years of experience in malware analysis and antivirus software evaluation. David runs the Privacy-PC.com project which presents expert opinions on the contemporary information security matters, including social engineering, penetration testing, threat intelligence, online privacy and white hat hacking.