Krack Attacks: Some days ago I mentioned through him SecNews.gr for a defect in the Wi-Fi standard that can be used by attackers to track wireless network traffic even if WPA2 protection is used.
Today we will see if the error can affect you, and who is most at risk.
The explanation of the attack
Key Reinstallation Attacks or Krack Attacks work on all Wi-Fi networks protected by the WPA2 standard and in some cases can be used for injections that result in data manipulation. The attack works on WPA and WPA2 protection standards against personal and business networks that have Wi-Fi connections.
The attack method works against the 4-way handshake of the WPA2 protocol. This handshake is performed when client-based devices, such as a smartphone or laptop, attempt to connect to the Wi-Fi network.
The handshake verifies the credentials and negotiates an encryption key that is then used to protect traffic as long as the connection remains active.
The main defect discovered by the researchers affects the key and is achieved by "managing and responding to encrypted messages of the handshake" or "manipulating and replying cryptographic handshake messages".
The researchers note that the data being transferred can (theoretically) be decrypted by the attacker.
Can the attack affect me?
Let's start with them good news. KRACK attacks are hard to hackers for a simple reason: they should be within the reach of a Wi-Fi network. Unlike some other global attacks like Heartbleed and Shellshock, the hacker can not perform the KRACK attack remotely.
Second, a hacker can attack only one network at a time. Suppose the attacker sits in a public space, say a café in the center of Athens. He is most likely to see hundreds of networks within his reach, but there is no way to attack them at the same time.
So if a hacker is thinking about launching a KRACK attack, the most likely targets can be large hotels, airports, railway stations or large public networks with thousands of people connected daily.
Your home network is almost safe.
The bad news? A KRACK attack is capable of destroying you.
With a successful Krack attack a hacker can easily obtain your credit card numbers, passwords, chats, emails, photos, and more. This can lead to financial losses and of course the theft of your identity. Also mention that with certain network settings attackers can introduce malware, ransomware and spyware on websites you visit and by extension on your computer.
Can KRACK be repaired?
Yes, hardware manufacturers and software developers can fix devices and software that are vulnerable to KRACK attacks. Microsoft and Apple were particularly quick to release beta patches on the same day that the bug was publicly announced. Google has announced that it will release an update to Android in the coming weeks.
However, using Wi-Fi connections on your mobile devices does not mean that the problem will be solved only by a software update on those devices. The attack mainly targets routers and IoT devices, so you should immediately update your router or smart refrigerator. This will probably take a long time, as many of the companies that manufacture these devices are not as aware as Microsoft and Apple.
Your router is undoubtedly the most critical device for updating. If your model has not updated its firmware, you should contact your Internet service provider and request an update as soon as possible.
What can I do until they decide to update the Firmware
Use Ethernet: KRACK doesn't affect the web at large, it just targets Wi-Fi connections. If you are able to connect to a network using cable ethernet, your device will be safe.
Use cellular data on your phone: Likewise, when using cell phones, just use it Internet of your mobile connection rather than some public Wi-Fi.
Tether connections from your phone: In public, it may be more secure to use the option to connect the computer from your phone instead of connecting directly to a Wi-Fi network.
Turn off vulnerable Internet of Things (IoT) devices: You may not be worrying about a hacker's access to your refrigerator data, but you should worry about accessing your network. Temporarily disable any extremely sensitive IoT device until a firmware update is available.
Use VPN: VPNs (virtual private networks) encrypt all your network traffic, so even if a hacker manages to access with a KRACK attack, he will not be able to decode it.
Are you worried about KRACK attacks?
KRACK attacks are another reminder that we are not as intimidating as we want to think.
We can use strong passwords, applications like KeePass, to update from software και firmwares, να παίρνουμε χίλιες προφυλάξεις security, but ultimately we are at the mercy of the technology we use. Once a technological flaw is discovered, it doesn't matter how consistent we are with security advice.
Let's say that because of the nature of the attack and the degree of difficulty, you should not worry too much unless of course you are a very important person.