On October 2017, university researchers in the field of internet security published a paper that describes a severe security vulnerability of the WPA2, the protocol which protects most wireless networks, including our own. This vulnerability can be used to crack practically every unpatched network. Let's see what we can do to increase the WiFi security against the dangerous threat that goes by the name of “KRACK.”
Table of Contents
What is KRACK?
The name of this new threat stands for “Key Reinstallation Attacks.” It is a unique malicious attack that uses the invasion technique and affects all the devices connected to the WiFi.
Mathy Vanhoef discovered it first, an expert on the cyberspace at the Belgian KU Leuven University. His team of experts presented this research at the conference about computer and communications security (CCS) on Wednesday 1st November 2017.
When we connect to a WiFi through a device, and we type the password, that very moment the encryption WPA2 takes place, an encryption which ensures that the user and the access point have the correct credentials.
The research discovered a serious security gap at the WPA2, which gives a chance to intruders within the WiFi vicinity to perform malicious actions.
In particular, the attackers can use this new attack technique to read information which was supposed to be safe and encrypted.
In fact, the attacker can use the KRACK to see and decipher a big part of what is happening on our WiFi network and the devices that connect to it; even if they don’t know the password.
Should we worry?
Even though this is a publication of a very recent research, the worries have increased incredibly. The most known technology sites have put their emphasis on demonstrating this new threat of the KRACK.
The attack works against all the contemporarily protected WiFi networks. There is a great danger of a malicious use of the data in all the devices which share the same WiFi network.
For example, a KRACK intruder is in position to install ransomware or other malware. Furthermore, they can intercept delicate information such as credit card numbers, passwords, chat messages or email, pictures/photographs, etc.
This WiFi security threat poses on every device that supports WiFi. During the initial research, experts found out that the systems which run Linux and Android are the most vulnerable.
Later on in the research, it was revealed that variations of the attacks directly influence windows and macOS, but also the rest of the Apple devices, SDOpen BSD, MediaTek, and Linksys.
The most worrisome fact is that the KRACK detours the password and the attacker can go on undisturbed. Simply put, a password change won’t eliminate the problem.
How to protect ourselves from the KRACK attacks
The first thing we need to do if we want to avoid an attack is to update the vulnerable devices. Furthermore, we should always be on the lookout for new security updates.
Security updates everywhere
Hence, it is a good idea to start with Windows, because many of us save this action for last. Fortunately, computers, cell phones, and tablets notify us about security updates regularly.
Check the router's firmware
Nonetheless, the router, which is the most vulnerable device, won’t send any notifications to update.
As expected, the router manufacturers have started to take action. Soon enough there will be a storm of firmware updates.
The same thing is happening with famous companies, such as Microsoft, Google, and Apple. Here we can see a list of the updated devices, as well as the companies which have started taking action to eliminate the KRACK.
If we have an older router, it is possible that there will be no updates at all. In this case, and since we are not indifferent to the KRACK, changing the router is the only way to enhance our WiFi security.
Furthermore, before we proceed to a router purchase, we should make sure that the new device has WiFi protection against the KRACK. Therefore, it is essential to research the firmware it carries and its updates.
Nevertheless, there is no need to panic and lead ourselves to a hasty purchase or action, because there are no security updates for our router. So, don’t grab your tin foils yet.
The experts made it clear that home users should start updating their clients first; in other words, our laptops and smartphones.
WPA2-PSK with AES encryption
Nonetheless, we should complementary ensure that the router uses WPA2-PSK with AES encryption, not WPA/WPA2-PSK (TKIP/AES). WPA and TKIP are deprecated and even more vulnerable; plus, they can slow down our WiFi.
Also, if possible, we should deactivate precarious functions such as WPS and UPnP from our router’s panel.
However, it is worth mentioning that if we use the PLEX server, the deactivation of the UPnP will terminate the remote access of multimedia outside our network. Apart from that, we won’t face other problems.
Until the threat is tackled and the WiFi security is enhanced, we can use the wired network exclusively.
Thus, we can connect an Ethernet cable to all the devices which allow it, such as laptops, SBCs, and TV Boxes.
The KRACK affects only the standard 802.11 and the wireless connection between a router and the connected device. The Ethernet cables are relatively cheap, and it is worth choosing them for as long as necessary.
Another measure that we need to take is to avoid any public networks until the safety updates are published. At the same time, we should avoid the websites which do not use the secure HTTPS protocol.
This extension encrypts our communications with most sites on the web. This way, we can increase the WiFi security. The extension is available for most browsers as well as their clones.
As we will see later, HTTPS Everywhere is perhaps the most critical extension.
So, while we are waiting for the new updates which will deal with the KRACK, we need to make sure that we have guarded our personal data.
In this case, if we perform delicate bank transactions, especially those which require an access password, it goes without saying that it is more necessary now than ever before to achieve them via the HTTPS.
Antivirus and anti-malware
Although this is self-evident already, and you might have probably taken care of it, it is good to check that you have updated your antivirus and anti-malware protection.
As we saw in the beginning, the attacker can use the KRACK to install malware from the websites we visit, so an updated antivirus software will keep us safe.
Use a VPN
If we have a reliable VPN service, we should activate it on all our devices. Furthermore, we need to make sure that we have set the service to start automatically when we power on the device.
A paid VPN such as the Swiss HotSpot Shield allows a simultaneous high-security encrypted connection for ten different devices.
How vital is WiFi security for you?
Undoubtedly most of us will keep using the WiFi, besides threats like the KRACK. However, we need to be careful and follow the necessary security steps we described above.
If you have any questions or you want to share your opinion on the subject, write us in the comments.
Did you enjoy this post?
Do you want to support PCsteps, so we can post high quality articles each and every day?