Find out more about Krack Attack below.
We all rely on Wi-Fi pretty much all the time. We have our phones, computers and watches connected to our personal networks, along with IoT gadgets like refrigerators and network-enabled juice presses. This vulnerability, discovered by Belgian security researcher Mathy Vanhoef, could let hackers do things like steal credit card numbers or inject malware wherever there is Wi-Fi.
The security protocol that encrypts almost all Wi-Fi networks is WPA2, short for Wi-Fi Protected Access 2. It was developed in 2004 and was mathematically proven to be safe and to not give away any passwords or encryption keys. It still doesn't, but the new vulnerability, referred to as Krack Attack, gives hackers a potential workaround.
What is Krack Attack?
Krack Attack is short for Key Reinstallation Attack. It exploits a process that is an important part of WPA2 security, known as the four-way handshake. This handshake is a series of messages exchanged between a client device, like your phone, and an access point, like your router, when they are establishing a secure connection. The first two steps of the four-way handshake involve the client and the access point making sure that they both have the right password.
In the third message the access point sends some additional information, and the fourth message is the client saying “Okay, we are good to go”. Over the course of this exchange the client and the access point agree on an encryption key, which both of them install after the fourth message. That key, along with a special number associated with the amount of data that has been sent so far, is used to encrypt each chunk of data, or packet.
It’s kind of like a cereal box decoder ring that lets you have the rest of the conversation in code. That conversation is all of the data you are sending and receiving on the internet, including your credit card details if you feel like finally splurging on that new video game, and Wi-Fi is beamed through the air where everyone in range can intercept it. As long as it’s encrypted, nobody can snoop on the information you are passing even if they intercept the message. Without knowing the code, it’s just gibberish to the hacker.
How Does the Krack Attack Break Wi-Fi Security?
The Krack exploit lets hackers figure out the data by targeting the third message in the handshake. That message can sometimes drop out because of routine blips in the connection, so if the access point doesn’t get the fourth “Okay, we are good to go” message from the client, it sends the third message again, like “Hey, I don’t think you got that! Let me repeat it”.
In his paper, Vanhoef found that if a hacker blocks the fourth “got it” message from getting to the access point, causing it to send the third message again, they can force a device to reinstall the encryption key, which also resets that special number, and that’s bad. It means you’ll end up using the same encryption key and the same number, and therefore the same code, over and over again.
Repetition is how codes are broken. With all those data packets encrypted with the same code again and again, hackers can look for patterns that give away what the code is, and it becomes way simpler to decrypt the data they are intercepting. What they can do with it depends on the specific type of connection. In some cases, they could theoretically send data too, infecting the device with malware or ransomware.
Now, this is a massive vulnerability. There’s a reason to take precautions, but there’s also a reason not to panic, because it’s not the end of Wi-Fi as we know it. Still, depending on which data packets hackers manage to intercept and decrypt, there’s a lot of information they could steal. They could also inject harmful software into sites that don’t use HTTPS, a favourite tactic on Wi-Fi networks that aren’t secure, like in coffee shops.
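The key-and-number reuse described above can be reproduced with a small model. This is an added example, not code from Vanhoef's paper or from any Wi-Fi stack: the `Client` class, the SHA-256 keystream standing in for WPA2's real cipher, and the sample key and messages are all constructed for illustration.

```python
import hashlib

def keystream(key: bytes, packet_number: int, length: int) -> bytes:
    # Toy stand-in cipher: the keystream depends only on (key, packet number).
    out, block = b"", 0
    while len(out) < length:
        seed = key + packet_number.to_bytes(8, "big") + block.to_bytes(4, "big")
        out += hashlib.sha256(seed).digest()
        block += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Client:
    """Hypothetical client: only the key install and the packet counter are modelled."""
    def __init__(self, patched: bool):
        self.patched, self.key, self.packet_number = patched, None, 0
        self.used = []  # every (key, packet number) pair used to encrypt

    def on_message3(self, key: bytes) -> None:
        # Patched behaviour: a repeated message 3 carrying the key that is
        # already installed must not reinstall it or reset the counter.
        if self.patched and self.key == key:
            return
        self.key, self.packet_number = key, 0

    def send(self, plaintext: bytes) -> bytes:
        self.packet_number += 1
        self.used.append((self.key, self.packet_number))
        return xor(plaintext, keystream(self.key, self.packet_number, len(plaintext)))

P1 = b"GET /index.html "   # constructed: traffic an eavesdropper can guess
P2 = b"PIN=0000 (test) "   # constructed: traffic that should stay secret
KEY = b"constructed-session-key"

def run_session(patched: bool):
    client = Client(patched)
    client.on_message3(KEY)
    ct1 = client.send(P1)
    client.on_message3(KEY)  # message 3 arrives again (message 4 never got through)
    ct2 = client.send(P2)
    reused = len(set(client.used)) < len(client.used)
    return ct1, ct2, reused

def recover_second(ct1: bytes, ct2: bytes, known_first: bytes) -> bytes:
    # With a repeated keystream, ct1 XOR ct2 equals P1 XOR P2; the key is never needed.
    return xor(xor(ct1, ct2), known_first)
```

With `patched=False` both packets are encrypted under the same key and packet number, so knowing the first plaintext is enough to read the second; with `patched=True` the counter keeps advancing and the same calculation yields only noise.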
How to Stay Secure from This Attack?
Since WPA2 is supposed to be so safe, it’s used to secure all Wi-Fi networks. That means the vulnerability affects every device that is hooked up to Wi-Fi, even your Wi-Fi enabled toaster. For security, you could stick to websites that use HTTPS instead of HTTP, because HTTPS websites are encrypted. The good news is that the tech companies know about this vulnerability. They might be pushing updates to fix this problem on your mobile devices, but it will take time to fix it on the routers and your Wi-Fi enabled toasters, and ideally both your devices and your routers should be patched. So you should make sure to install any updates that come in for your devices. More good news is that the hacker has to be physically within range of the Wi-Fi network to pull off a Krack attack. They cannot do it remotely. So unless you see someone in a sketchy van camping out across the street outside your house, your personal network is probably fine. It’s easier for someone to hang out in your business and pull this off, though, which is why it’s risky to totally dismiss it.
written by: Atharva Shirude
reviewed by: Sayan Chatterjee