Belgian computer scientists have shown that there is the standard security protocol used in all modern Wi-Fi network is not as secure as previously thought. The weaknesses they identified are found the in WPA2 (Wi-Fi Protected Access) protocol and in a new study, the researchers showed just how easy they are easy to exploit. Companies were notified weeks ago about this flaw so make sure all your software is up to date.
The scientists looked at a specific type of cyber-attack known as KRACK, or Key Reinstallation Attack, which allows an attacker to access encrypted information like credit card numbers, passwords, photos, etc. The research is discussed in a paper, which will be presented at the Computer and Communications Security (CCS) conference on November 1, next month.
This security flaw affects, in one way or another, Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and many others. The researchers have also successfully simulated attacks against mobile and desktop software, banking apps, and even VPN apps that are designed to hide where you’re connecting from.
The crucial issue is how WPA2 protocol is designed. When you join a protected Wi-Fi network, you and your network have a 4-way handshake. It’s a way to provide mutual identification. During the handshake, you get a fresh encryption key, which allows you to send encrypted data packages and be secured.
What the researchers noticed is that the encryption key is always in message 3 of the 4-way handshake and a KRACK attack forced the user to reinstall the key. The difference is that a malicious attacker could send forth an encryption key that is not fresh and instead can be used to see what's being transmitted over the network, even being able to inject ransomware and malware into websites. The malicious attacker would have to be physically close to you, it cannot be done remotely.
Lead author Mathy Vanhoef explained that software companies can patch the existing WPA2, without having to come up with a completely new protected access protocol. So to make sure you’re not vulnerable to this kind of attack, all your devices, including the firmware of your router, need to be updated.
The United States Computer Emergency Readiness Team (CERT) issued a Vulnerability Note explaining the technical issue behind the WPA2 weakness and the companies affected by these. All the companies were notified on August 28 and the ones affected have been updating their software. Make sure you do too
