The KRACK attack is the latest Wi-Fi security vulnerability. It's a big one but it can be avoided.
If you’ve been keeping up with your technology news you may already have heard about the KRACK attack. If not, here’s some information on what it is, how it affects you (and yes, it does affect you), and what you can do to mitigate it.
The KRACK attack (Key Reinstallation Attack) is an exploit which allows a malicious user to read and manipulate data over a secure Wi-Fi network. This allows the malicious user to use phishing techniques to steal login details, credit card information, chat messages, emails, photos etc. It may also be possible to inject ransomware or malware onto a device.
KRACK takes advantage of a weakness in the WPA2 (Wi-Fi Protected Access 2) security protocol to perform its attack, and thus this can be done on all modern Wi-Fi networks. The attack tricks the targeted device into using encryption keys that are known to an attacker, allowing the data to be decrypted and manipulated by them. WPA2 itself was made available in 2004 to overcome the security issues present in the previous wireless encryption protocol, WEP.
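To make the "reinstallation" part concrete, here is a small added model (not code from the original post or from the KRACK researchers) of the client-side behaviour the fix changes. It assumes a toy keystream generator in place of the real CCMP cipher and constructed sample frames; the point it demonstrates is the one that matters: when a client reinstalls an already-installed key it resets its packet counter, so two different frames get encrypted with the same keystream, and the XOR of their ciphertexts is simply the XOR of their plaintexts. A client that refuses to reinstall a key it already has keeps the counter moving and the property disappears.

```python
import hashlib
import hmac

# Constructed sample frames (not real Wi-Fi captures), equal length for clarity.
FRAME_A = b"GET /login HTTP/1.1 user=alice"
FRAME_B = b"POST /pay  amount=100 to=bob  "


def keystream(key: bytes, packet_number: int, length: int) -> bytes:
    """Toy stand-in for a CCMP/AES-CTR keystream (assumption: not the real cipher).
    The property we rely on holds for the real one too: the same key and the
    same packet number always produce the same keystream bytes."""
    out = b""
    counter = 0
    while len(out) < length:
        nonce = packet_number.to_bytes(6, "big") + counter.to_bytes(2, "big")
        out += hmac.new(key, nonce, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Client:
    """Minimal model of a Wi-Fi client's key handling."""

    def __init__(self, reject_reinstall: bool):
        self.reject_reinstall = reject_reinstall
        self.ptk = None   # pairwise transient key
        self.pn = 0       # transmit packet number (the per-frame nonce counter)

    def install_ptk(self, ptk: bytes) -> bool:
        """Called when handshake message 3 is processed.
        Unpatched behaviour: (re)install the key and reset the packet number.
        Patched behaviour: refuse to reinstall a key that is already in use."""
        if self.reject_reinstall and ptk == self.ptk:
            return False
        self.ptk = ptk
        self.pn = 0
        return True

    def encrypt(self, plaintext: bytes):
        self.pn += 1
        return self.pn, xor(plaintext, keystream(self.ptk, self.pn, len(plaintext)))


def simulate(reject_reinstall: bool):
    """Install a key, send a frame, process message 3 a second time, send again."""
    client = Client(reject_reinstall)
    ptk = hashlib.sha256(b"constructed-ptk").digest()   # constructed key material
    client.install_ptk(ptk)
    pn_a, ct_a = client.encrypt(FRAME_A)
    client.install_ptk(ptk)   # a repeated message 3 is handled again
    pn_b, ct_b = client.encrypt(FRAME_B)
    return pn_a, pn_b, ct_a, ct_b


def keystream_reused(reject_reinstall: bool) -> bool:
    """True if the two frames shared a packet number and the keystream cancelled
    out, i.e. XOR of ciphertexts equals XOR of plaintexts (confidentiality lost)."""
    pn_a, pn_b, ct_a, ct_b = simulate(reject_reinstall)
    return pn_a == pn_b and xor(ct_a, ct_b) == xor(FRAME_A, FRAME_B)


if __name__ == "__main__":
    print("unpatched client reuses keystream:", keystream_reused(False))
    print("patched client reuses keystream:  ", keystream_reused(True))
```

The only difference between the two runs is the `reject_reinstall` check in `install_ptk`, which is the shape of the fix shipped in client software patches: remember which key is installed and do not reset the counter for a repeated install of the same key.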
WPA2 is the de facto security protocol for Wi-Fi, and is present on all modern Wi-Fi enabled devices. If you have to enter a password to get onto a Wi-Fi network, then you’re using WPA2. If you don’t have to enter a password then your connection isn’t encrypted and you’re already vulnerable to the phishing techniques this attack opens up.
Android and Linux appear to also be particularly vulnerable to this attack as flaws in those operating systems allow for the KRACK exploit to be implemented with little effort.
The KRACK attack is a major security flaw in a protocol that is used in every Wi-Fi device (and in fact WPA2 must be implemented to receive a Wi-Fi certification for manufactured devices). However, the attack is what’s known as a “targeted attack”. You are only truly vulnerable when an attacker is near you, so you should only be concerned when using public access points (and only those with a password; open Wi-Fi networks are already vulnerable to the types of phishing this attack allows).
Thankfully, the security flaw in WPA2 which allows this attack to take place can be fixed with patches. This means that all you should have to do is to ensure that your devices (phones, routers, PCs etc.) are kept up to date with the latest security patches as they are released. These patches are already starting to be released so most likely your devices will be secured before anyone has a chance to take advantage of this new attack.
If you normally keep your devices up to date and have properly configured security on any websites you control then you’re probably already doing everything you can at this point.
It’s worth noting that you don’t always have to use Wi-Fi. In the Mesomorphic office we have connected every device that we can via ethernet. That way we don’t have to worry about these kinds of attacks and we can benefit from a more reliable office network. Wi-Fi is used solely for devices without ethernet ports such as mobile devices. Even our laptops are connected via ethernet at each desk.
Here are some specific actions you can look into depending on your role:
Further information can be found on the official KRACK Attacks website.
We would love to hear from you so let's get in touch!