What you need to know about the "KRACK Attack" vulnerability
By: David Page, Security Analyst, CISSP, QSA
On October 16, 2017, this vulnerability was made public. If exploited, it would allow hackers to decrypt and read Wi-Fi-transmitted network traffic.
How this affects you:
If you are logged onto a wireless network, and an attacker is within range, they can use KRACK to bypass WPA2 network security and then read your (unencrypted) credit card numbers, passwords, banking info, photos, chats, emails, messages, etc. Any sensitive data passing over the network would be up for grabs.
See which vendors are affected and if they have been updated/patched yet.
What you should do:
- Watch for patches and updates to be released by Wi-Fi device manufacturers and vendors in the near future. Install updates for all devices and operating systems as soon as available. All affected personal and enterprise Wi-Fi devices will need to be patched eventually.
- This exploit requires that the attacker have access to your wireless network. Organizations will fare better if they’ve architected their critical Wi-Fi networks to limit coverage to intended areas, and followed other Wi-Fi networking best practices.
- Since this attack is performed over Wi-Fi, using cellular data or an ethernet cord would remove the risk of KRACK. Also, if you connect using a virtual private network (VPN), that will encrypt all your internet traffic.
- Make sure to only share sensitive data on sites with HTTPS encryption.
- Changing a Wi-Fi password or replacing your router won’t stop KRACK Attacks. This issue is not related to devices themselves.
- Android and Linux devices are most easily affected. Most versions of iOS and Windows are vulnerable but would be more difficult to exploit because of the way they originally implemented the WPA2 standard.
What does KRACK stand for?
Vanhoef coined the acronym “KRACK” to stand for “key reinstallation attack.”
How does a key reinstallation attack work?
The WPA2 protocol currently employs a “4-way handshake,” which confirms that both the client and access point have the correct credentials (a password), while at the same time creating a fresh (never used) encryption key that will be used to encrypt all subsequent traffic.
In a key reinstallation attack, a hacker would manipulate and replay the cryptographic handshake messages to trick a victim into reinstalling an already-in-use encryption key. Because the attacker forces reuse in this manner, the encryption protocol can be attacked, e.g., packets can be replayed, decrypted, and/or forged.
Vanhoef recorded a video demonstration of such an attack.
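
To make the key reinstallation described above concrete, here is a small simulation added for this write-up (not code from Vanhoef or from any vendor). It models an unpatched client that resets its packet counter when the same key is installed again, next to a patched client that ignores the repeat install. The `Client` class, the SHA-256 keystream standing in for the real WPA2 cipher, and the sample frames are all assumptions made for illustration.

```python
import hashlib

P1 = b"GET /login HTTP/1.1"   # constructed sample frames of equal length
P2 = b"password=hunter2!!!"

def keystream(key, nonce, n):
    # Toy stand-in for the WPA2 cipher (assumption): output depends only on (key, nonce).
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce.to_bytes(6, "big") + bytes([ctr])).digest()
        ctr += 1
    return out[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class Client:
    """Hypothetical model of a client's key-install logic, not real driver code."""
    def __init__(self, patched):
        self.patched, self.key, self.nonce = patched, None, 0

    def on_message3(self, key):
        # Handshake message 3 tells the client to install the session key.
        if self.patched and key == self.key:
            return                      # same key already in use: keep the packet counter
        self.key, self.nonce = key, 0   # (re)install resets the packet number

    def send(self, plaintext):
        self.nonce += 1
        return self.nonce, xor(plaintext, keystream(self.key, self.nonce, len(plaintext)))

def run_session(patched):
    """One frame, then a replayed message 3, then a second frame."""
    key = b"constructed-session-key"
    client = Client(patched)
    client.on_message3(key)
    first = client.send(P1)
    client.on_message3(key)             # replayed handshake message
    second = client.send(P2)
    return first, second

def nonce_reused(frames):
    nonces = [n for n, _ in frames]
    return len(nonces) != len(set(nonces))

if __name__ == "__main__":
    for patched in (False, True):
        (n1, c1), (n2, c2) = run_session(patched)
        leaked = xor(c1, c2) == xor(P1, P2)   # keystream cancels out when it is reused
        print(f"patched={patched} nonces={n1},{n2} plaintext_xor_leaked={leaked}")
```

In the unpatched run both frames are encrypted under the same key and packet number, so XORing the two ciphertexts removes the keystream and leaves the XOR of the two plaintexts. In the patched run the counter keeps advancing and nothing leaks.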
