A security researcher named Mathy Vanhoef of KU Leuven in Belgium has disclosed a vulnerability in the current WPA2 network. All routers that use a WPA2 (which is almost every single WiFi enabled device today) is vulnerable to a Key Reinstallation Attack (KRACK). Information that was once assumed to be safely encrypted, such as messages, passwords, photos, or credit card numbers, can now be read, and in some cases, manipulated.
The problem is unfortunately not with a specific product, but rather the WPA2 standard itself. Therefore, if you have a device that supports Wifi, you should assume it is vulnerable and take steps to protect it immediately.
How the attack works
WPA2 protocol has what’s called a “four-way handshake.” When a user attempts to join a network, the protocol determines whether the access point at the network and the user have matching credentials. This makes sure that the user knows the network password. As part of the handshake, a new encryption key is generated to protect the user’s session. It’s this encryption key that is vulnerable to the KRACK attack, allowing attackers to tamper with or reinstall a key that’s already been used. Reusing this key also resets packet counters, which means an attacker can replay and decrypt packets, or even create their own in some cases.
The good news (sort of): An attacker must be in range of a victim’s WiFi network to carry out the attack, so there is no chance of a remote break-in. Also, most current versions of iOS and Windows aren’t vulnerable because of the way Apple and Microsoft apply the WPA2 standard. However, with the number of WiFi devices currently in play, it’s a problem that presents a huge scope of exploitation.
How to prevent a KRACK attack
It’s important to note that changing your router password will not affect the vulnerability. Our advice is to contact your router’s vendor for any patch updates that need to be installed, and contact them more than once. Unfortunately, when device manufactures are responsible for releasing patches, the process usually takes longer and is more complicated. For now, don’t abandon the WPA2 network, but understand that there is more risk involved going forward. Make sure any sensitive data you transmit on the web is done so over an HTTPS connection.
More information and specific details of how this vulnerability works can be found at www.krackattacks.com.