Digital West Blog

KRACK Attack: Wi-Fi Hack Breaks WPA2

Posted by Digital West Inc. on 10/26/17 9:28 AM

KRACK is a Wi-Fi hack that breaks WPA2 (Wi-Fi Protected Access), the security protocol protecting Wi-Fi networks. According to Mathy Vanhoef of KU Leuven, a university in Belgium, hackers have figured how to exploit WPA2, allowing them to eavesdrop on communication from devices connected to the Internet. With KRACK, they are able to slip ransomware into websites and of course, steal private information, usernames and passwords.

KRACK-hacker-WPA2.pngKRACK (Key Reinstallation Attack), a systemic vulnerability in wireless devices, attacks the security protocol in a different way than most cyber attacks. Instead of targeting the Wi-Fi access point, it targets the various devices connected to the Wi-Fi source. Popular operating systems such as Apple's iOS, Google's Android and Microsoft's Windows could be affected.

KRACK was discovered fairly quickly and before hackers could exploit it as a large-scale cyber threat. Currently, device manufacturers are expediting security updates for their products; it's advisable to install these patches as soon as they are available. 

The "good" news? In order to exploit KRACK, hackers must be close enough to access your Wi-Fi signal, so this squashes remote hacking methods that most skilled hackers use. Your data is more vulnerable when you use public Wi-Fi and hotspots than it is using your home network.

The KRACK attack is a security flaw that allows hackers to access unencrypted files in transit without using a password. KRACK isn't an attack on a specific vendor or information collection method, but an attack on the security component of most wireless devices - WPA2.

How does WPA2 work?

The WPA2 protocol employs what's known as a "four-way handshake." After a user enters the correct password to access a Wi-Fi network, a new encryption key is generated to encrypt subsequent data traveling through that key. When the process is manipulated with the Key Reinstallation AttaCK, the hacker manipulates the cryptographic handshakes to gain access. 

Unsecured sites (http://) are particularly vulnerable to this attack. You're on a secure site when you see https:// or when you're using a secured app on your smartphone. These add another security layer that a hacker needs to break. WPA2 is still a very secure protocol, so experts advise its continued use. However, be proactive and update your devices with vendor patches, especially those you use to transmit private or sensitive information on Wi-Fi.

What should I do?

Because KRACK affects a security component of wireless devices, experts recommend installing the vendor patches on every wireless device that you use, including routers (your wireless traffic hub), laptops, smartphones (storage for private information hackers want), televisions, smartwatches, home security systems, home and life assistants (such as Amazon Echo), gaming stations, appliances  and especially any device with video output.

protect-small-business-cyber-security-CTA.png

You may also update your Wi-Fi password if you choose, but updating your router is key. The advice from the U.S. Department of Homeland Security Computer Emergency Response Team is to install vendor updates on all affected products; check routers provided by Cisco Systems or Juniper Networks.

CERT Software Engineering Institute at Carnegie Mellon University has compiled a comprehensive list of tech vendors and any information about their updates. CERT updates this list continually, so check it often; you can also inquire directly with your device vendor.

Apple, Google and Microsoftall have a security patch* on the way for customers.

To do list: update cyber security measures

With KRACK and other recent security breaches, this is an excellent opportunity to review and update your personal and business security protocols.

  • Have you installed device and program security updates/patches*?
  • Have you changed your passwords recently?
  • Do you use the same password for all your accounts?
  • Do you check your financial, credit card and credit reports on a regular basis?
Now add this:
  • Check with your device and software vendors for security patches and install them when they are available.

For your business:

  • Are you using any business or network security service provider?
  • Does your security program monitor your network 365/24/7?
  • Is your security solution the best plan for your business and digital needs?
  • Does your provider offer SOC 2 Type II compliance?

Big or small, every business should be proactive and diligent in protecting systems software and critical business data assets. Digital West will work with you to assess cyber risks and recommend effective security measures that fit your needs. 

*Some devices such as older or embedded devices may never get a patch with no option for updating. Check with your device manufacturer if you cannot find a patch for your product.

Topics: Digital West News, Security