Wi-Fi Attack Vulnerability

by | Jan 9, 2024 | Cyber Security | 0 comments

Wi-Fi Attack Vulnerability

Understanding KRACK: What Does the WPA2 Security Breach Mean For The Average Person?

Researchers from Belgium’s KU Leaven University sent the internet into a panic the morning of October 16 when they announced that they had found a core vulnerability in WPA2. Sensational headlines quickly proclaimed that any device using WiFi was now open to attack, but that isn’t really the case. It’s technically true that any network using the WPA2 protocol can be exploited, but it’s far from the end of the internet as we know it.

What is WPA2?

WPA2 is the security protocol used by just about all modern devices (computers, phones, and tablets) when they connect to a network to get onto the internet. WPA2 encrypts all the communications between your device and the network so that other people on the network can’t snoop into them or manipulate them while in transit.

The exploit that the security researchers discovered, called KRACK, is a core flaw in the protocol. To simplify it as much as possible, it allows someone on the network to capture the encryption keys needed for communication, making it possible for them to see and manipulate the data people are passing. If you were on a network compromised by KRACK, the attacker would be able to see everything you are doing on the internet and would be able to capture anything you entered or uploaded (like passwords).

Is All WiFi Insecure Now?

That sounds bad enough to be the death of all WiFi, but there are a few mitigating factors that make this not nearly as bad as it initially appears.

The first thing to know is that not all devices are equally affected by this exploit. While anything using WPA2 can potentially be attacked, it seems to be a very difficult attack to pull off on many devices. Older devices running Android and Linux seem to be disproportionately vulnerable to it, while newer Windows devices are less vulnerable.

The second thing to know is that this vulnerability can be patched, and hardware vendors began scrambling to do so before it was even announced. Fortunately, a team of university researchers discovered this and kept it from the general public, but gave weeks of advance notice to major hardware and software companies before publishing their findings. For example, on the day the vulnerability was announced, Microsoft announced that they had patched Windows to secure against it a week earlier. Once a device is patched, it is no longer vulnerable, and this exploit had never been seen in the wild prior to the publication of the research paper. So a lot of devices will be securely patched before they can even be widely deployed by criminals.

The third thing to know is that the attacker needs to be an authorized user directly connected to the network they are attacking. If you have a home WiFi network that only you and your family have the passwords for, it is extremely unlikely anyone could run this exploit on you. The biggest threat is to public networks that anyone can access, like those at coffee shops, airports, and shopping malls. The attacker also has to be physically close enough to the device they are targeting, as they have to be able to get in the middle of its communications with the network.

What Should You Do About This?

The first thing to do is to see if patches to your devices are available. This will likely involve an update to your operating system, like Windows or Android. A patched device can still safely communicate with an unpatched network. Unsure about patching? Contact Elevated Technologies.

Some devices will not be able to be patched, such as phones and tablets running old versions of Android that have been abandoned by their hardware manufacturers. If you have a device that can’t be patched, you will need to be more cautious about connecting to wireless networks with it. If you need to use a particular public WiFi network, ask the company hosting it if they have patched their routers to secure against it.

Though there is an outside chance that an attacker could inject malicious code (like malware or ransomware) by intercepting your transmissions with a network, the biggest issue is privacy. If you are using an unpatched device on an unknown network, assume that anyone can see what you are doing.

In other words, stick to what was standard common-sense security protocol prior to this, which is to never enter sensitive personal, financial, or account login information while on a public network.

Related Posts: