KRACK is an acronym for Key Reinstallation Attack. Krack attack on Wi-Fi Protected Access protocol (WPA2) which make your Wi-Fi connection secure. As most of us know, public Wi-Fi are vulnerable to hacking. But it is much worse than that as experts has pointed out. All Wi-Fi networks in the world are vulnerable to hacking by all types of hackers and it is something unbelievable for most of us. But unfortunately this is the fact that hackers use KRACK to exploit a vulnerability in WPA2. Now, what exactly is a KRACK attack? How does it work? Can it be fixed? And what can you do about it in the short-term? Let’s take a closer look.
What is WPA2?
Wi-Fi Protected Access II (WPA2) is a security protocol that protects virtually all secured WiFi networks. WPA2 uses strong encryption to protect communications between a user’s device and the device providing the WiFi. This is meant to stop anyone who might intercept the communication from making sense of the captured data.
How Does a KRACK Attack Work?
One of the most worrying aspect of KRACK attack is that it is not focused on a specific range of devices. It also doesn’t focus on a specific type of security implementation. The issue affects the Wi-Fi protocol itself, and thus affects every internet-connected device you own.
WPA-2 encryption uses a “four-way handshake” to establish a device’s connection to the network. It’s this “handshake” that the KRACK attack targets.
The first two parts of the four-part process ensure the password on a device matches the Wi-Fi’s security key. The device and router communicate with each other, and if the credentials agree, the third part of the handshake initializes.
At this point, a new encryption key is generated. By encrypting data frames it protects a user’s session. This is where the KRACK attack kicks into action. Vanhoef’s research shows a hacker can intercept and manipulate the new key.
The hack works because a router (or other access point) will try and retransmit the new key several times if it does not receive a response from the device. Because each retransmission uses the same encryption key, it resets the transmit packet number and receive replay counter.
An attacker can collect the messages and force the counters to reset. In turn, this allows the person to replay, decrypt, or forge packets.
TL;DR: KRACK allows an attacker to steal and use one of the encryption keys that Wi-Fi network security relies on.
Why KRACK Is a Threaten?
Let’s think of all the devices we use that rely on Wi-Fi. It is not just about laptops and smartphones; numerous smart devices now make up the Internet of Things (IoT). Because of the vulnerability in WPA2, everything connected to Wi-Fi is at risk of being hacked or hijacked.
Attackers using KRACK can gain access to usernames and passwords as well as data stored on devices. Hackers can read emails and view photos of transmitted data and then use that information to blackmail users or sell it on the Dark Web.
Theft of stored data requires more steps, such as an HTTP content injection to load malware into the system. Hackers could conceivably take control of any device used on that Wi-Fi connection. Because the attacks require hackers to be close to the target, these internet security threats could also lead to physical security threats.
On the other hand, the need to be in close proximity is the only good news related to KRACK, as that means a widespread attack would be extremely difficult.
Victims are specifically targeted. However, there are concerns that a more experienced attacker could develop the skills to use HTTP content injection to load malware onto websites to create a more widespread affect.
What Can Hackers Do With KRACK?
Let’s start with the good news. KRACK attacks are difficult for hackers to deploy for one simple reason: they need to be within range of a Wi-Fi network to make it work. Unlike some other worldwide security flaws, like Heartbleed and Shellshock, the hacker cannot deploy a KRACK attack remotely.
Secondly, a hacker can only attack one network at a time. Let’s assume the would-be criminal sets themselves up in a Starbucks in downtown New York. They probably have hundreds of networks within range. But there is no way to attack them all at once. At least, not without a van full of equipment.
As such, if cyber-criminals are thinking of launching a KRACK attack, the most likely targets are large hotels, airports, train stations, and other vast public networks with thousands of people logging on and off every day. Your home network is almost certainly safe.
The bad news? A KRACK attack has the potential to be devastating for the victim. According to Vanhoef, “credit card numbers, passwords, chat messages, emails, photos [and more]” could be stolen. This leaves you vulnerable to monetary loss and identity theft. Some network configurations will even allow hackers to inject malware, ransomware, and spyware into websites you are visiting and, by extension, your computer.
Who Is at Risk of KRACK Attack?
Everyone is at risk from KRACK vulnerability. Patches are available for Windows and iOS devices, but a released patch for Android devices is currently in question (November 2017). There have been issues with the release, and many question if all versions and devices are covered.
The real problem is with routers and IoT devices. These devices aren’t updated as regularly as computer operating systems, and for many devices, security flaws need to be addressed on the manufacturing side. New devices should address KRACK, but the devices you already have in your home probably aren’t protected.
Is There Any Chance for KRACK to be Fixed?
Yes, hardware manufacturers and software developers can patch and fix devices that are vulnerable to KRACK attacks. Microsoft and Apple were particularly quick off the mark. The Silicon Valley giants released beta patches on the same day the flaw was publicly announced. Google has said an Android patch will be forthcoming in the next few weeks.
However, these days we connect a lot more to our Wi-Fi than just laptops and phones. Sure, they might be the primary attack vectors, but you need to update everything from your router to your smart fridge. That takes a lot of time, and many of the companies behind the devices won’t be as responsive as Microsoft and Apple.
Your router is arguably the most critical device to update. If you have got an ISP-issued model, you need to start pestering the company for a patch as soon as possible.
Short-Term Solutions for Staying Safe from KRACK Attack
It seems like we might be waiting for a long time before we can definitively claim all our devices are secure. Here we have provided tips to consider in order to be protected:
- Use Ethernet: Remember, KRACK doesn’t affect the web at large, it just targets Wi-Fi connections. If you have the option to connect to a network using an ethernet cable, your device will be safe.
- Use cellular data on your phone: Similarly, when on mobile, just use your data plan rather than connecting to public Wi-Fi.
- Tether your phone: If you are in public, it might be safe to use your phone’s tethering option rather than connect your laptop to a Wi-Fi network.
- Disable vulnerable Internet of Things (IoT) devices: Sure, you might not worry about a hacker getting access to your fridge’s data, but your smart security system is another story. Temporarily disable any highly sensitive IoT devices until a patch is available.
- Use a VPN: A VPN encrypts all your traffic. Therefore, although a hacker deploying a KRACK attack will be able to see it, they won’t be able to decode it.
Hope these tips make you secure from the probable attacks and malware.
One of the other reminders for us is KRACK attack which tells us we are not immune as we might think are. For preventing such kinds of attacks there are different types of security precautions. Such as creating strong passwords and use VPNs and services like LastPass, keep our services updated and so many other security tips.
Nowadays, we are ultimately at the mercy of the technology we use. If there is a flaw in the technology, it doesn’t matter how security conscious we are, we will be at risk. So being cautious and taking security tips when being online, would be an important factor to provide us more safety.