The KRACK (Key Reinstallation) attack takes advantage of a security flaw found in the WPA2 protocol. This is the protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim’s Wi-Fi can exploit these weaknesses using KRACK; this means that most encrypted Wi-Fi networks are not as secure as you think. It was recently discovered by Belgian researcher Marty Vanhoef and it’s serious enough to warrant a warning issued by the US Department of Homeland security.
Here is how KRACK attack happens
According to security experts, it works by exploiting a four-way handshake that’s used to establish a key for encrypting traffic. According to Marty Vanhoef, a new “key” used to encrypt the communications onto the network can be installed by hacker and allowing the hacker to gain access to the data. This could involve passwords, credit card numbers, and photos. The hacker can easily hijack connections, perform man-in-the-middle attacks, and eavesdrop on communication sent from a WPA2-enabled device.
Here is why it should be a concern for you
“It seems to affect all Wi-Fi networks, it’s a fundamental flaw in the underlying protocol, even if you’ve done everything right [your security] is broken,” said Alan Woodward of the University of Surrey’s Centre for Cyber Security.
The most concerning news about the attack is that any device that uses Wi-Fi is vulnerable. It can be your phone, your laptop, your PlayStation or your smart fridge even.
Although the attack cannot steal your data or Google passwords or any data on a correctly secured connection which uses end-to-end encryption like HTTPS, the hacker can intercept some of the traffic between your device and your router to know what you’re doing. Depending on the network configuration, it is also possible for the attacker to inject and manipulate data or even be able to inject ransomware or other malware into websites.
Here is what you can do to ensure your data is safe
Changing your Wi-Fi passwords or changing routers won’t be effective because the KRACK attack doesn’t recover the password (PSK) itself. But there are number of other ways to protect your data from the KRACK attack, such as:
1. Update all the wireless gadgets you own
Install updates on as many of your devices and as soon as possible. Microsoft, Google and Apple have issued or plan to issue updates regarding this bug. You should be contacting your vendors for your routers / Wi-Fi access points to know if firmware update is provided. For now it seems that Windows and newer versions of iOS are unaffected. But the bug can have a serious impact on Android 6.0 Marshmallow and newer versions.
2. Avoid using Wi-Fi in public area
Avoid using public Wi-Fi at all costs for now. This includes hotels, coffee shops and other public spaces. Make sure that you’re only connected to secured services. You can always verify that a network is secure or not by checking to see whether there is a padlock near the network sign or not when selecting the Wi-Fi network.
3. Use VPN
According to the security experts, it’s always a good idea to use VPN (Virtual Private Network) such as NordVPN or TunnelBear when browsing online.
4. Use Mobile data of your cell phone
Instead of using Wi-Fi on your cell phone, use your cellular networks mobile data. It may not be ideal if your network signals are weak, but it is certainly safer than using public Wi-Fi or routers whose patches are not yet updated.
5. Install HTTPS everywhere extension
Stick to HTTPS websites so your web browsing is encrypted even if it travels over an unencrypted connection. If you use Google Chrome, Firefox or Opera, then it is recommended to install HTTPS everywhere extension to force your browser to use the https version of the site if there is one available.
The good thing is that ever since the vulnerability is out, all the routers vendors are trying to provide updates of their firmware. You can check out which vendors are now updated or have provided the patch on the list given here.