“The security protocol used to protect the vast majority of Wi-Fi connections has been broken, potentially exposing wireless internet traffic to malicious eavesdroppers and attacks”, according to Mathy Vanhoef, a cybersecurity researcher at KU Leuven in Belgium who discovered the weakness.
The discovery is alarming as the WPA2 protocol, the most common and secure Wi-Fi access protocol since 2004, is trusted by all for keeping Wi-Fi connections safe. Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos and so on.
The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.
The vulnerability affects a number of operating systems and devices, including Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys and others. The attack, known as a ‘KRACK Attack’ (Key Reinstallation Attack), works by allowing the attacker to decrypt a user’s data without needing to crack or know the actual Wi-Fi network’s password. The attacker does this by decrypting the secure Wi-Fi connection and turning it into an unencrypted, and hence insecure, hotspot. For this reason, merely changing the Wi-Fi network password will not prevent or mitigate such an attack.
However, a limitation of KRACK attacks is that they can only be carried out by an attacker who is in physical proximity to the targeted Wi-Fi network. It should be noted, though, that the WPA protocol encrypts only the physical medium between a user’s device and the Wi-Fi connection it is joined to.
Furthermore, all secured apps and websites now use some sort of end-to-end encryption protocol such as HTTPS, which is designed to work over unsecured channels (such as unencrypted Wi-Fi connections). As a result, the only way to access this secure traffic is by performing an additional SSL Man-In-The-Middle (SSL MITM) attack.
Fortunately, SSL MITM attacks are already detected and protected against by various security toolkits deployed by Signal Alliance, in collaboration with global IT security companies, for both iOS and Android devices. The toolkits immediately alert the user and block access to all corporate assets.
These toolkits help to verify that mobile devices on your network are in compliance with the latest OS versions and security patches. To request a demo, contact Signal Alliance today on firstname.lastname@example.org