Monday in CE: Massive WiFi Security Flaw Leaves Devices Vulnerable to Hack
- Author: Arturo Norris Oct 16, 2017,
Oct 16, 2017, 21:38
Security researchers have discovered a flaw in Wi-Fi's WPA2 encryption: the protocol that protects data sent over your Wi-Fi network. Most Wi-Fi-enabled devices and operating systems are affected by this vulnerability to some degree, including Linux, Windows, Android, and iOS, as well as most Wi-Fi routers and access points.
He also notes that devices that are running Android or other Linux-based OSes are particularly vulnerable. By rerouting a device through the dummy network the hacker is able to expose sensitive information that otherwise would've been encrypted.
They advised users to patch all Wi-Fi access points and clients when the fixes are available for the devices. "The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others", the statement reads.
"When the client now receives a retransmitted message 3 of the 4-way handshake, it will reinstall the now-cleared encryption key, effectively installing an all-zero key".
These KRACK Attacks mean that most encrypted Wi-Fi networks out there are not as secure as think.
The KRACK Attacks (with numerous variations) use the fact that although this four-way protocol was shown to be mathematically sound, it could be - and in many cases, was - implemented insecurely.
Krack refers to what the researchers call "key reinstallation attacks", or KRACKS. "Together with other researchers, we hope to organize workshop (s) to improve and verify the correctness of security protocol implementations". That group is now working with device makers and will release a tool that can tell if a device is vulnerable to the attack, he said.
"Depending on the network configuration, it is also possible to inject and manipulate data, Vanhoef says".
The vulnerability, known as "Krack" gives hackers access to nearly everything that has been sent over a Wi-Fi network and any device that has used the same network is potentially at risk. Both are security protocols created by the Wi-Fi Alliance that keep strangers from eavesdropping on what websites your computer is trying to access.
Discovered by Mathy Vanhoef of imec-DistriNet, the vulnerability is concerning, and if your device supports Wi-Fi, it may be affected.
It may feel like the internet is hyperventilating over the newly revealed WPA2 security flaw, but as more stories and analysis surface, we're learning that not only is the hysteria warranted but something we all should understand going forward. "Furthermore, an attacker wishing to target you would need to be within Wi-Fi range of your devices, making this very much a local attack". So far it seems secure sites-distinguished by having HTTPS before the URL-are, well, still secure.
"One of the biggest concerns here of course is getting routers patched- firstly getting the average user to check and apply any firmware updates and secondly, some older routers may not even have a patch available- the average household would acquire an auto-configured router, install it and forget about it, until possibly they change their internet provider". The organisation CERT/CC also disseminated news of the vulnerability to vendors on 28th August so at this stage its unlikely your router manufacturer has not received the news.