adv

KRACK Wi-Fi attack threatens all networks

KRACK Wi-Fi attack threatens all networksA devastating flaw in Wi-Fi’s WPA security protocol makes it possible for attackers to eavesdrop on your data when you connect to Wi-Fi. Dubbed KRACK, the issue affects the Wi-Fi protocol itself -- not specific products or implementations -- and “works against all modern protected Wi-Fi networks,” according to Mathy Vanhoef, the researcher that discovered it. That means that if your device uses Wi-Fi, KRACK likely impacts it.

Read on for what you need to know about the KRACK Wi-Fi vulnerability, from how it works to how to best protect yourself against it. We’ll update this article as more information becomes available.

How does KRACK break Wi-Fi security?

KRACK (short for, uh, Key Reinstallation AttaCK) targets the third step in a four-way authentication “handshake” performed when your Wi-Fi client device attempts to connect to a protected Wi-Fi network. The encryption key can be resent multiple times during step three, and if attackers collect and replay those retransmissions in particular ways, Wi-Fi security encryption can be broken.

That’s the CliffsNotes version. For a more technically detailed explanation, check out Mathy Vanhoef’s KRACK attacks website.

What devices are affected by KRACK?

If your device uses Wi-Fi, it’s likely vulnerable to the KRACK Wi-Fi security flaw to some degree, though some get it worse than others. We go into greater detail about how particular devices are affected by KRACK in a dedicated section further below.

What happens when Wi-Fi security is broken?

For starters, the attacker can eavesdrop on all traffic you send over the network. “This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on,” Vanhoef says. For a deeper look at the potential impact, check out PCWorld’s article on what an eavesdropper sees when you use an unsecured Wi-Fi hotspot. It’s a few years old, but still illuminating.

The United States Computer Emergency Readiness Team also issued this warning as part of its KRACK security advisory, per Ars Technica: “The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others.” HTTP content injection means the attacker could sneak code into the websites you’re looking at to infect your PC with ransomware or malware.

So yeah, it’s bad. Keep your security software active, just in case.



Comments