Krack Attacks: You use WPA2 to access the internet every day, and you could be vulnerable to a Krack Attack.
Virtually all modern WiFi networks employ WPA2 as a security protocol. A couple of months ago, a security researcher named Mathy Vanhoef discovered an existing vulnerability in all WPA2 WiFi network connections. He called this vulnerability a key reinstallation attack or KRACK. Hackers could possibly exploit this flaw to create a copy of data transmitted over the WiFi connection without having to know your device or WiFi password.
As Larry David might say, this flaw could be pretty, pretty, pretty serious. Since almost all internet connections employ WPA2 as a security protocol, it really won’t matter if you get online with your laptop, Android or Apple phone, or any other device. Since the attacker doesn’t need a password, your secured device or router won’t help either.
If a hacker knew how to steal data with a Krack attack, his only limitation would be that he needs to physically be within the range of your online connection. If you’ve ever checked for internet connections on computer or phone, you already know that you are almost always within range of several secured or unsecured connections if you’re at home in your neighborhood or at work in your office.
The hackers steal data through your connection and not from your computer, tablet, or phone so all devices could be impacted. Dozens of name-brand router, computer, and device vendors have been impacted by and notified of the problem. The researcher said that Android and Linux were the most vulnerable. Still, the list of impacted vendors includes Apple, Microsoft, Cisco, and much more.
Vanhoef discovered the possibility of Krack attacks in July of 2017. He promptly contacted vendors but had originally planned to wait a month to publish his findings publicly. When Vanhoef started working with the vendors, the scale of the problem grew larger than was first expected, so he delayed his public announcement until October.
You might wonder why researchers don’t release this sort of security information to protect the public right away. Typically, when security researchers uncover vulnerabilities, they give vendors a chance to take action before they make the information public. Otherwise, hackers might get the information to make use of before the vendors can issue patches. There doesn’t seem to be a lot of information about any true attacks using this method, so in this case, the researcher may have stayed ahead of the criminals.
At this time, Microsoft says they’ve already released a patch. Cisco has released patches for some devices but not all. Dozens of other vendors are working furiously on the problem. You can find a list of patches and status updates on ZDNet. The article said it would get updated with future announcements, but you might also check with your own product maker’s website.
As always, you would be prudent to apply any manufacturer’s updates as you get them. You can also set most devices to accept automatic updates.
These are some steps you can take to protect your own data:
The good news is that there isn’t much evidence that any hackers have actually exploited this flaw yet to steal data. It’s always a positive sign when security researchers discover security problems before criminals do. However, now that this information is publicly available, the situation could change. Vendors are under tremendous pressure to issue patches, but until you’re sure that you’ve received a patch, you should remain aware that your data may not be as secure as you thought it was.
Category: Atlanta IT Service Articles, Date: 20th October 2017, Author: Chris Chao