The latest security vulnerability to hit the headlines has been named KRACK, which stands for ‘Key Reinstallation Attacks’. KRACK is a security vulnerability present in the WPA2 protocol, which is widely used in Wi-Fi connections (WPA2 stands for Wi-Fi Protected Access II). Taking advantage of this vulnerability, hackers can intercept or steal sensitive information, such as credit card numbers and passwords, being transmitted between your Wi-Fi network and the devices connected to it.
According to Mathy Vanhoef, the man behind the discovery of this security vulnerability, KRACK “works against all modern protected Wi-Fi networks”. Mathy has also set up a dedicated website which provides information about the various aspects of KRACK. In this blog, let’s take a quick look at What Is KRACK?, Who Does It Affect? and How Can You Protect Your Devices From It?
What is KRACK?
KRACK stands for ‘Key Reinstallation Attacks’. Simply put, it is a security vulnerability which has been discovered in the ubiquitous ‘WPA2’ protocol used by Wi-Fi connections. Typically, when a device connects to a Wi-Fi network, an authentication process is executed in order to establish the device's identity. Several encryption keys are transferred during this process. KRACK replays these transmissions in particular ways and thus breaks the Wi-Fi security encryption.
Who Does It Affect?
Almost any device which connects to Wi-Fi networks. But thankfully it is not as bad as it sounds: although the security vulnerability discovered is a critical one, exploiting it takes a considerable amount of time and sophistication, which, Mathy seems to be suggesting, the hacking community lacks at the moment.
KRACK Security Vulnerability – Can and Can’t(s)?
Fortunately, there are many limitations which make the KRACK vulnerability seem a distant reality, at least for the time being. Let’s take a look at some of the can and can’t(s) of KRACK.
KRACK can:
- Steal or intercept any information passing between devices and your Wi-Fi network
- Perform packet injections, using certain tools, to spread malware
- Affect only devices within range of the attackers
- Affect only the information being passed between devices and the Wi-Fi connection
KRACK can’t:
- Affect or intercept traffic encrypted using the HTTPS protocol
- Operate when the victim device is not within range
- Spread itself from computer to computer within a network like a worm (although rumors suggest it can, no proof has emerged so far)
How Can You Protect Yourself From KRACK?
Although the KRACK security vulnerability doesn’t seem to pose a huge security threat, the fact that it exploits the WPA2 protocol, which is widely deployed in modern-day Wi-Fi connections, cannot be taken lightly. Therefore, if the worst-case scenario were to befall us, here are some steps you can take to protect your devices from KRACK.
1. Update Your Routers: Now that the KRACK security vulnerability has come to light, you can expect router manufacturers to take some action soon: release a new patch, or downgrade and move to a safer patch. Therefore keep your router configurations patched up or updated. Even better, keep your automatic updates option turned On if you have it. Also, update all the devices that connect to your Wi-Fi connection, just to be safe.
2. Use HTTPS Everywhere Feature: HTTPS Everywhere is a free, open source browser extension available for Google Chrome, Mozilla Firefox, Opera and Firefox for Android. Using it will automatically force websites to use a more secure HTTPS connection instead of insecure HTTP.
3. Avoid Public Wi-Fi Connections: This is a no-brainer, and yet it needs to be mentioned because of the attractiveness public Wi-Fi(s) usually possess, since they are available for free. Even before KRACK, public Wi-Fi(s) posed potential security issues; now they’ve become extremely dangerous.
4. Consider Using Wired Connection [Use Ethernet]: This might sound ridiculous. But it is definitely one of the options for staying away from KRACK, in case the security vulnerability is successfully exploited by the hacking community in the coming days. If you’re someone who firmly believes in ‘better safe than sorry’, this idea may appeal to you.
5. Install Antivirus: You may be wondering how an antivirus package can protect against KRACK, which is a security vulnerability inherent in Wi-Fi technology. Well, if you are, you may – or may not – be right. A high-quality antivirus package like Comodo Antivirus, which comes equipped with advanced features like default deny protection, auto sandbox technology, prevention-based security and suspicious file quarantining, can often act as a first line of defense against attackers exploiting various security vulnerabilities in your network.