• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to footer
WebSetNet

WebSetNet

Technology News

  • Technology News
    • Mobile
    • Games
  • Internet Marketing
  • System Admin
    • Windows 11
    • Linux
    • Mac & Apple
    • Website Scripts
      • Wordpress
You are here: Home / WiFi WPA2 Krack Attack, Flaw: Here's How To Stay Safe From Vulnerability

WiFi WPA2 Krack Attack, Flaw: Here's How To Stay Safe From Vulnerability

August 5, 2020 by Martin6

Monday morning brought the startling discovery that Wi-Fi Protected Access 2 (WPA2), a common protocol for securing wireless networks, suffers from a number of vulnerabilities that may expose sensitive information to attackers.

Make no mistake, the threat posed by the exploits—dubbed as KRACK, short for Key Reinstallation Attacks, by the researchers who discovered the vulnerabilities—are serious. Just about every device capable of connecting to a wireless network is at risk. But the attacks have limitations and users are not without options to protect themselves.

First, it’s important to understand how an attack using KRACK could work. Were an attacker to utilize the KRACK vulnerabilities, they would take advantage of a flaw in a four-way handshake performed by the WPA2 protocol.

The so-called handshake takes place when a device wants to join a protected Wi-Fi network. The handshake confirms the device is authorized to join the access point through a credentialing process, like when a user enters the Wi-Fi password to connect to the network. At the same time, the network creates a fresh encryption key to encrypt all traffic from the newly connected device.

In order to exploit the process, the attacker has to trick the victim into re-installing an encryption key that is already in use. Encryption keys are only supposed to be installed and used once. When an attacker gets a victim to reuse the key, they gain access to all activity transmitted between a device and access point or could inject malicious data into the connection.

For the time being, these exploits are possible but primarily theoretical, as it does not appear that an attack exploiting the recently disclosed vulnerabilities has been executed in the wild—though researchers were able to successfully carry out a proof of concept attack. Kevin Beaumont, a security architect, wrote that there is currently no publicly available code to carry out the attack and noted it would require “incredibly high skill set” to execute.

Kevin Robinson, the vice president of marketing at the Wi-Fi Alliance —an organization that certifies Wi-Fi devices to ensure they conform to certain standards—confirmed to International Business Times that there is “no evidence that the vulnerability has been exploited maliciously.”

The attack is also not without its shortcomings according to Candid Wueest, a threat researcher at security firm Symantec. He told IBT the attack requires a threat actor to be in close proximity of a potential victim in order to exploit the vulnerability.

“As an attacker, you have to create your own spoofed or fake access point and the client has to connect to it,” he said. You have to be in range of the Wi-Fi, let's say about 30 feet. It's not something someone from Europe can do to someone in the U.S," Wueest said.

He also said that there is no code execution in the vulnerability, meaning an attacker wouldn’t be able to create an attack that spreads from network to network. "There is no chance someone will create a virus that spreads from your Wi-Fi to the neighbor's Wi-Fi and so on,” he said. “The risk is about modifying or reading the data that it transmits.”

Because of that, Wueest said KRACK is, for the most part, less worrying than an attack like the WannaCry ransomware attack that spread itself to more than one million machines worldwide earlier this year by exploiting a vulnerability first discovered by the United States National Security Agency.

Wueest also said the issue wasn’t as bad as the Heartbleed exploit disclosed in 2014. Heartbleed was a vulnerability in an encryption software known as OpenSSL, which was used by hundreds of thousands of websites that handled secure information. The exploit allowed an attacker to send malicious code to a server and make it return sensitive information that would otherwise be encrypted.

It’s also important to not dismiss KRACK simply because it’s not as severe as other attacks, as it is a fundamentally different exploit.

“The KRACK vulnerability is different than past disclosures because the exploit doesn’t target your connected devices,” Gary Davis, chief consumer security evangelist at McAfee told IBT. “Instead, it targets the way your devices handle information and data, making any device that utilizes Wi-Fi vulnerable.”

Users should note that while WPA2 is affected by the KRACK, users should not move away from the protocol. The research does not present a fundamental threat to the infrastructure on which wireless networks are built—the flaws can be fixed and likely will be addressed for many devices.

According to Mathy Vanhoef, the security researcher who discovered the KRACK, WPA2 is already being reviewed for a possible update that will address the most serious of the security vulnerabilities.

The Wi-Fi Alliance announced a plan to help mitigate the threat of the discovery. The organization intends to test for the vulnerability during its certification process, provide a detection tool to identify the vulnerability for Alliance members and help Wi-Fi device vendors remedy potential security holes that could be exploited.

That said, KRACK is unquestionably presents a significant security risk. If exploited, it could be used to steal sensitive information that an individual willingly shares online, such as credit card numbers, passwords, chat messages, emails, photos and more—and simply changing the Wi-Fi password on a router will do nothing to protect against it.

KRACK WPA2 Vulnerability Protection: Keep An Eye Out For Patches

The first thing any user should do is keep an eye out for patches. KRACK was first disclosed by researchers to vendors in July and disclosed to the Community Emergency Response Team (CERT) Communication Center—a partnership between Carnegie Mellon University’s Software Engineering Institute (SEI) and the U.S. Department of Homeland Security—in August. Broad disclosure of KRACK was delivered to vendors by CERT on Aug. 28, giving them plenty of time to prepare patches before public disclosure.

As a result, many companies have already prepared and released patches that protect users against the attack. Microsoft already issued a patch and published a security advisory about the vulnerability. Many versions of Linux have a patch available as well.

Google is also working on a patch for Android devices—which have been reported as potentially the most at risk—and will reportedly make a fix available in the next few weeks. Users may want to turn off Wi-Fi on their devices when possible until the patch is officially available.

Apple has thus far been silent on the issue—a troubling fact given the researchers single out MacOS as being easy to attack. The company’s mobile operating system, iOS, is generally considered safe.

Device manufacturers have also started to address the issue at their own pace, with some rushing out updates and others essentially dismissing the threat. Consumers are advised to keep an eye out for updates from router manufacturers, as those access points are just as at risk as devices.

The wait time for a fix will likely vary based on company. For example, Latvian networking device manufacturer MicroTik has already issued a fix while German router maker AVM has said they will only release an update “if necessary.”

Kevin Robinson of the Wi-Fi Alliance said that it’s important to note “many consumer routers are not affected by this vulnerability, so consumers may not see an update available for their particular router.” He said devices that have been affected, “many vendors have already issued patches or will issue them shortly. Wi-Fi Alliance recommends checking the vendor’s website for information on specific vendor updates.”

Hemant Chaskar, the chief information security officer and vice president of technology cloud-based Wi-Fi firm Mojo Networks, told IBT “consumer equipment may take time to update” as manufacturers learn about and address the exploits. He noted that a wireless intrusion prevention system (WIPS) can help to block these vulnerabilities until patching takes place.

While waiting for the fix, users can ensure their information is not compromised by practicing the safe browsing habits that they likely should be performing anyway. Symantec’s Wueest said users should make sure they are only sharing sensitive information on websites that use Secure Sockets Layer (SSL), a secure web protocol that encrypts information sent between a user and the site.

A person can check the SSL certificate of a website in their browser. Most browsers will display the connection status between a user and a website in the browser bar. A secure connection will usually display a green lock or a similar icon to signify the secure status of the site. Many modern browsers also warn a user if a connection in unsecure.

Wueest also recommended using a virtual private network or VPN.

A VPN is a privacy tool that enables a device to send and receive information across a public network as if it was connected directly to a private network. In essence, it obscures the true location of the device and makes it appear as though its activity it coming from another network. Think of it as a sort of firewall for your online activities.

When a user connects to a VPN, it creates an encrypted and secure connection between the user’s device and a remote server. Any information—from web activity to user information to passwords—is sent first through that encrypted connection.

Send a request for information (i.e., type in a web address in your browser) and that is forwarded through the VPN. The response it receives is sent back through the same, secure connection. By filtering information through the remote server, a VPN shields that data from anyone on the public network, including an attacker who may be exploiting KRACK.

"A VPN is the best practice anyway,” Wueest said. “If you're on vacation or at a Starbucks or any other open Wi-Fi, then you should use a VPN to protect yourself."

Source

Related posts:

  1. Need a VPN? Here are the absolute best services available right now
  2. 6 Best Vulnerability Scanning Tools and Software
  3. Best VPN 2021: The best VPN services this year
  4. Microsoft December 2020 Patch Tuesday fixes 58 vulnerabilities
  5. Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender
  6. Best VPN 2020: The best VPNs for speed, privacy and streaming
  7. Best VPN services: Reviews and buying advice
  8. 5 best VPNs for Korea to defeat government censorship
  9. 8 best free VPNs for Netflix [Windows 10 & Mac users]
  10. How to setup PPTP VPN on Windows 10 (Complete Guide)

Filed Under: Uncategorized Tagged With: attack, flaw, here&#039, krack, wifi, wpa2

Primary Sidebar

Popular posts

  • 5 Ways to Fix “Your SIM sent a Text Message” Issue on iPhone
  • 3 Ways to Disable GetApps on Xiaomi, Redmi, and Poco Phones Running MIUI
  • GeForce Experience not finding games? Fix it fast
  • How To Extract & Install tar.gz Files In Ubuntu
  • How to Highlight Duplicates in Google Sheets
  • Discord Stream Has No Sound? 6 Ways to Fix
  • How to check if your Android device supports Widevine DRM
  • Exclamation Mark on Network Signal, Mobile Data Not Working? 8 Ways to Fix
  • How to find a lost Apple Pencil using your iPad (1st and 2nd gen)
  • 8 Best Sites to Read Manga Online for Free
  • 3 Ways to Hide Tabs in Google Chrome
  • How to Fix YouTube Server Connection Error [400] on Android
  • How to Track a Stolen or Lost Nintendo Switch
  • How To Search On Google Using Image or Video
  • How To Calculate CAGR in Excel
  • Microsoft Edge's newest feature? Shopping in Microsoft Edge
  • How to Change the Last Modified Date, Creation Date, and Last Accessed Date for Files and Folders

Footer

Tags

Amazon android Apple Asus available download: edge feature features first free from galaxy Game games gaming gets google install Intel iPhone launches linux Microsoft more OnePlus phone release released review: samsung series support this Ubuntu update using video watch what will windows with xbox your

Archives

  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org