Pinacl Solutions



WiFi security flaw puts devices at risk

The WiFi connections of businesses and homes around the world are at risk, according to researchers who have revealed a major flaw dubbed “Krack”.  The flaw is part of the authentication system which is widely used to secure wireless connections. 

Researchers from the US Computer Emergency Readiness Team (Cert) issued a warning stating that an exploit called KRACK is taking advantage of vulnerabilities in WiFi security which lets attackers eavesdrop on traffic between computers and access points.

The WiFi alliance has stated that they are working with providers to issue software updates to patch the flaw.

Mathy Vanhoef, a security expert at the Belgian university KU Leuven, discovered the weakness in the wireless security protocol and stated that attackers can use the exploit to read information that was previously assumed to be encrypted.

Vanhoef also emphasised that “the attack works against all modern protected WiFi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.

How the attack works?

Attackers find a vulnerable WPA2 network, then make a carbon copy of it and impersonate the MAC address, then change the WiFi channel. This new, fake network acts as a “man in the middle,” so when a device attempts to connect to the original network, it can be forced to bypass it and connect to the rogue one.

Normally, WPA2 encryption requires a unique key to encrypt each block of plain text. However, the hack described in the Krack Attack paper forces certain implementations of WPA2 to reuse the same key combination multiple times.

The problem is made worse by Android and Linux, which, thanks to a bug in the WPA2 standard, don’t force the client to demand a unique encryption key each time. Rather, they allow a key to be cleared and replaced by an “all-zero encryption key,” foiling a key part of the handshake process. In some cases, a script can also force a connection to bypass HTTPS, exposing usernames, passwords and other critical data.

The system takes advantage of a flaw in the “handshake” method to direct users to the malicious network. Neither WiFi passwords nor secret keys can be obtained, the researchers say, as the hack works by forging the entire network. As such, it can’t be used to attack routers, but hackers can still eavesdrop on traffic, making it particularly dangerous for corporations.

WiFi Security

This issue can be resolved through a straightforward software update – a process much like the software updates WiFi users regularly perform on their mobile devices – and major platform providers have already started deploying these patches. The software updates do not require any changes that affect interoperability between WiFi devices. Users can refer to their device vendors’ websites for more information.

As always, WiFi users should ensure they have installed the latest recommended updates from device manufacturers. Security is a dynamic endeavour, and WiFi Alliance will continue to maintain strong security protections for WiFi users.

What should you do?

The good news is that security advice doesn’t really change. Public WiFi is always thought to be untrustworthy and users should always use a VPN. And home and other WiFi access points under the user’s control should always be updated with latest ROM versions anyway.

So what can you do immediately? Make sure that all your devices are up to date, and that means all your devices including routers, TVs, any smart home equipment you might have.

Any website that uses HTTPS (or a padlock symbol next to the web address) is completely secure. Luckily for the general public that’s pretty much all the websites we visit regularly.

In addition browsers like Chrome and Safari will warn you first if you’re about to visit an unencrypted website which should give you an extra layer of protection

If you would like to know more about our WiFi solutions, please visit our WiFi page here or call 01745 535300.