KRACK wifi networks, KRACK Wi-Fi attack, WPA2 KRACK attack
KRACK Wi-Fi attack problem in Wi-Fi’s WPA security protocol which makes it possible for attacker to eavesdrop on your personal data when you connect to Wi-Fi. KRACK the issue affects the Wi-Fi protocol itself not specific products or implementation and works against all modern protected Wi-Fi networks,according to Mathy Vanhoef, the researcher that discovered it. That means that if your device uses Wi-Fi, KRACK will effect you.
They discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks.
An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks
(KRACKs).
Concretely, attackers can use this novel attack technique to read
information that was previously assumed to be safely encrypted.
This can be abused to steal sensitive information such as credit card
numbers, passwords, chat messages, emails, photos, and so on.
The attack works against all modern protected Wi-Fi networks.
Depending on the network configuration, it is also possible to inject and manipulate data.
For example, an attacker might be able to inject ransomware or other malware into websites.
The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks. For more information about specific products, consult the database of CERT/CC, or contact your vendor.
Until those updates appear for other devices, consumers can still take steps to safeguard against KRACK. The easiest thing would be to simply use a wired ethernet connection, or stick to your cellular connection on a phone. That’s not always possible though.
If you need to use a public Wi-Fi hotspot—even one that’s password protected—stick to websites that use HTTPS encryption. Secure websites are still secure even with Wi-Fi security broken. The URLs of encrypted websites will start with “HTTPS,” while unsecured websites are prefaced by “HTTP.”
The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks. For more information about specific products, consult the database of CERT/CC, or contact your vendor.
How is the KRACK break your Wi-Fi security?
KRACK (short for, uh, Key Reinstallation AttaCK) targets the third step in a four-way authentication “handshake” performed when your Wi-Fi client device attempts to connect to a protected Wi-Fi network. The encryption key can be resent multiple times during step three, and if attackers collect and replay those retransmissions in particular ways, Wi-Fi security encryption can be broken.
What are devices that affected by this KRACK?
If your device uses Wi-Fi, it’s likely vulnerable to the KRACK Wi-Fi security flaw to some degree, though some get it worse than others.
How we will protect ourself from this KRACK’s Wi-Fi?
Keep your devices up to date as Vanhoef says “implementations can be patched in a backwards-compatible manner.” That means that your device can download an update that protects against KRACK and still communicate with unpatched hardware while being protected from the security flaw. Given the potential reach of KRACK, expect those patches to come quickly from major hardware and operating system vendors.
Until those updates appear for other devices, consumers can still take steps to safeguard against KRACK. The easiest thing would be to simply use a wired ethernet connection, or stick to your cellular connection on a phone. That’s not always possible though.
If you need to use a public Wi-Fi hotspot—even one that’s password protected—stick to websites that use HTTPS encryption. Secure websites are still secure even with Wi-Fi security broken. The URLs of encrypted websites will start with “HTTPS,” while unsecured websites are prefaced by “HTTP.”
So you should upgrade and update your Routers, Switches, laptop or any electonic machine so you will be safe and keep your eys on any new update for your devices.
Comments
Post a Comment