KRACK Attack: Everything You Need to Know
Bytes: We’ve known public Wi-Fi networks are vulnerable to hacking for a long time. But according to experts, the situation is a whole lot worse than anyone imagined. It’s now believed that every Wi-Fi network in the world is vulnerable — or at least, every Wi-Fi network that uses either WPA or WPA-2 encryption, which is virtually all of them.
The cause? An exploit called “KRACK,” which is short for Key Reinstallation Attacks.
But what exactly is a KRACK attack? How does it work? Can it be fixed? And what can you do about it in the short term? Let’s take a closer look.
Why Are We Only Hearing About KRACK Attacks Now?
An excellent question.
How Does a KRACK Attack Work?
Perhaps the most worrying aspect of KRACK is that it’s not focused on a particular range of devices or a specific type of security implementation. The issue affects the Wi-Fi protocol itself, and thus affects every internet-connected device you own.
WPA-2 encryption uses a “four-way handshake” to establish a device’s connection to the network. It’s this “handshake” that the KRACK attack targets.
The first two parts of the four-part process ensure the password on a device matches the Wi-Fi’s security key. The device and router communicate with each other, and if the credentials agree, the third part of the handshake initializes.
At this point, a new encryption key is generated. Theoretically, it’s designed to protect a user’s session by encrypting data frames. This is where the KRACK attack kicks into action. Vanhoef’s research shows a hacker can intercept and manipulate the new key.
The hack works because a router (or other access point) will try to retransmit the new key several times if it does not receive a response from the device. Because each retransmission carries the same encryption key, the device reinstalls that key every time it receives one, which resets the transmit packet number and receive replay counter.
An attacker can collect the messages and force the counters to reset. In turn, this allows the person to replay, decrypt, or forge packets.
TL;DR: KRACK allows an attacker to steal and use one of the encryption keys that Wi-Fi network security relies on.
What Can Hackers Do With KRACK?
Let’s start with the good news. KRACK attacks are difficult for hackers to deploy for one simple reason: they need to be within range of a Wi-Fi network to make it work. Unlike some other worldwide security flaws, like Heartbleed and Shellshock, the hacker cannot deploy a KRACK attack remotely.
Secondly, a hacker can only attack one network at a time. Let’s assume the would-be criminal sets themselves up in a Starbucks in downtown New York. They probably have hundreds of networks within range, but there’s no way to attack them all at once — at least, not without a van full of equipment. As such, if cyber-criminals are thinking of launching a KRACK attack, the most likely targets are large hotels, airports, train stations, and other vast public networks with thousands of people logging on and off every day. Your home network is almost certainly safe.
The bad news? A KRACK attack has the potential to be devastating for the victim.
Can KRACK Be Fixed?
Yes, hardware manufacturers and software developers can patch and fix devices that are vulnerable to KRACK attacks. Microsoft and Apple were particularly quick off the mark — the Silicon Valley giants released beta patches on the same day the flaw was publicly announced. Google has said an Android patch will be forthcoming in the next few weeks.
However, these days we connect a lot more to our Wi-Fi than just laptops and phones. Sure, they might be the primary attack vectors, but you need to update everything from your router to your smart fridge. That takes a lot of time, and many of the companies behind the devices won’t be as responsive as Microsoft and Apple.
Your router is arguably the most critical device to update. If you’ve got an ISP-issued model, you need to start pestering the company for a patch as soon as possible.
For more information about whether your device already has a fix, check this list.
It seems like we might be waiting for a long time before we can definitively claim all our devices are secure. Here are some steps you can take in the meantime:
- Use Ethernet: Remember, KRACK doesn’t affect the web at large, it just targets Wi-Fi connections. If you have the option to connect to a network using an ethernet cable, your device will be safe.
- Use cellular data on your phone: Similarly, when on mobile, just use your data plan rather than connecting to public Wi-Fi.
- Tether your phone: If you’re in public, it might be safe to use your phone’s tethering option rather than connect your laptop to a Wi-Fi network.
- Disable vulnerable Internet of Things (IoT) devices: Sure, you might not worry about a hacker getting access to your fridge’s data, but your smart security system is another story. Temporarily disable any highly sensitive IoT devices until a patch is available.
- Use a VPN: A VPN encrypts all your traffic, so although a hacker deploying a KRACK attack will be able to see it, they won’t be able to decode it.
Are You Worried About KRACK Attacks?
KRACK attacks are yet another reminder that we’re not as immune as we might like to think we are.