WPA2, a protocol that secures all modern protected Wi-Fi networks, both personal and enterprise, was recently discovered to be seriously vulnerable to a Key Reinstallation Attack, otherwise known as KRACK.
This attack works by abusing design or implementations flaws in the WPA2 protocol of Wi-Fi standard, or what is known as the four-way handshake (network authentication protocol) to reinstall an already-in-use key, which then resets the key and allows the encryption protocol to be attacked. To guarantee security, a key should only be installed and used once. But the research paper found this is not guaranteed by the WPA2 protocol which leads to the high possibility of this weakness to be abused.
Once the attack is successful, an attacker may take advantage of accessing and tampering network traffic, which may lead to login credentials or any other sensitive data theft or malware injection. The paper reveals that the attack is catastrophic especially against version 2.4 and above of wpa_supplicant, a Wi-Fi client commonly used on Linux and Android devices. Also affected are Apple, Windows, OpenBSD, MediaTek, Linksys, among others.
What can you do?
Following the lines from the original researchers, Vitaly Kamluk, director of Global Research and Analysis Team for Asia Pacific at Kaspersky Lab, recommends the following:
- Update all WiFi client devices (such as smartphones, tables, personal computers, etc) once security updates become available. This ensures a key is used only once, preventing the attack.
- Update the firmware of your WiFi router.
- Changing your Wi-Fi password does not prevent or mitigate this attack. And this type of attack does not help recovering your Wi-Fi passwords. But after updating your devices and router, it’s always a good practice to change your Wi-Fi password.
- If your router does is not configured for automatic updates, please contact your vendor immediately for manual updates. Generally, you can try to mitigate attacks against routers and access points by disabling client functionality and disabling 802.11r (fast roaming). For ordinary home users, your priority should be to update your devices such as laptops, tablets and smartphones.
- WPA2 is still encouraged to be used as the safest option.
- WPA3 is not needed at this time. Implementations can be patched in a backwards-compatible manner, meaning a patched client can still communicate with an unpatched access point, and vice versa.
Source from : KASPERSKY (click here)
If you would like to read the technical white paper, please download them from here. (White Paper)
I would encourage all to take the preventive action to safe guard your data and information.
Prakash Christiansen @Chris