Key Reinstallation AttaCKs (KRACKS)
Weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks, have been discovered by Mathy Vanhoef. He found that attackers who are within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKS). The attack works against all modern protected Wi-Fi networks. This attack technique can be used to steal sensitive information which was previously assumed to be safely encrypted, such as credit card numbers, passwords, emails, photos and more. It may also be possible to insert and manipulate data, depending on the network configuration. This means an attacker could possibly inject ransomware or other malware into websites.
In a key reinstallation attack, the victim is tricked into reinstalling an already-in-use key. This happens when cryptographic handshake messages are manipulated and replayed. To guarantee security, a key should only be installed and used once. This is not guaranteed by the WPA2 protocol. All modern protected Wi-Fi networks use a 4-way handshake. This handshake is executed, when a client wants to join a protected Wi-Fi network, to confirm that both the client and access point possess the correct credentials. It also negotiates a fresh encryption key that will be used to encrypt all subsequent traffic.
How to prevent the attack
- Install HTTPS Everywhere, which is a Firefox, Chrome, and Opera extension that encrypts your communications with many major websites, making your browsing more secure
- Update all routers and Wi-Fi devices with the latest security patches. Update your routers firmware
- Use Ethernet – consider turning off Wi-Fi and Ethernet unto your router until its patched
- Use Cellular Data of your phone – Disable Wi-Fi on your phone or tablet and use cellular data
- Don’t rely on a VPN as a solution
These weaknesses are not in individual products or implementations, but rather in the Wi-Fi standard itself, which means any correct implementation of WPA2 is likely affected. As soon as security updates become available, users must apply them. If your device supports Wi-Fi, it is most likely affected.
Capitol Computers will be working with all clients to apply these security updates as quickly as possible. As a Managed Services client, this service is covered under contract.