Security researchers have found many high-risk vulnerabilities in WPA2 which creates a room for hackers to sneak into our WiFi network. This hack allows attackers to eavesdrop on the traffic between computer and wireless access points.
In Capsule:- Researchers have found several key vulnerabilities in Wi-Fi Protected Access II protocol(WPA2)
- The vulnerability can be exploited and our WiFi networks can be hacked.
- Mathy Vanhoef, a security expert discovered the vulnerability
- The vulnerability can be exploited using ‘Key Reinstallation Attack’
- This attack can be used to decrypt any data that the victim transmits in addition to gaining login credentials
Security researchers have found many high-risk vulnerabilities in WPA2 which creates a room for hackers to sneak into our WiFi network. This hack allows attackers to eavesdrop on the traffic between computer and wireless access points.Mathy Vanhoef, a security expert at Belgian university KU Leuven, discovered the weakness and published details of the flaw on a dedicated website on Monday morning.Vanhoef said that Attackers can exploit this weakness using Key Reinstallation Attack (KRACK) and read information that was previously assumed to be safely encrypted. This can be used to steal sensitive information like:- credit card numbers- passwords- chat messages- emails- photos, etcThe United States Computer Emergency Readiness Team issued a WARNING in response to the exploit:“US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.”All modern wifi networks come under this attack and depending upon the network configuration, it can inject or manipulate data, said Vanhoef.Here the weakness is in the WiFi standard itself and not on any individual products or implementations. Therefore any proper implementations of WPA2 is also likely to be affected.“Note that if your device supports Wi-Fi, it is most likely affected,” said Vanhoef, and to prevent this attack all users must update their affected products as soon as any security update becomes available.The report said that the vulnerability affected operating systems like Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others.Here the KRACK attack works by the exploiting 4-way handshaking of the WPA2 protocol which is used to establish the connection between a user and WiFi network.The researcher executed a key installation attack as a proof of concept on an Android smartphone, and he was able to decrypt all the data the user transmitted.Here below is the video which demonstrates How the KRACK WPA2 Attack Works:“For an attacker, this is easy to accomplish because our key reinstallation attack is exceptionally devastating against Linux and Android 6.0 or higher. This is because Android and Linux can be tricked into (re)installing an all-zero encryption key. When attacking other devices, it is harder to decrypt all packets, although a large number of packets can nevertheless be decrypted.”Vanhoef said that in addition to login credentials, they can decrypt any data that the user transmits. It is possible to decrypt the data sent to the victim also depending on the device used and network setup.Details of WPA2 Vulnerabilities:
- CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.
- CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
- CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake.
- CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
- CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
- CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
- CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
- CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
- CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
- CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
The attack work against older WPA, WPA2, Personal, enterprise WiFi networks and networks which only use AES.Vanhoef said that his team will release a tool using which you can check whether your WiFi network is vulnerable to KRACK attack or not.Britain’s National Cyber Security Centre also responded to the issue in a statement that“We are examining the research and will be providing guidance if required. Internet security is a key NCSC priority and we continuously update our advice on issues such as wifi safety, device management, and browser security.”You may be interested in reading:Bluetooth Enabled Devices Prone to Security Flaws
How to protect yourself
We advise users to update their firmware as soon as the update is available and when accessing highly confidential information try to add an extra layer of encryption ( for example VPN).Always try to use HTTPS if it is available for the website you are visiting. It is recommended that you may use a browser plugin like HTTPS EverywhereAlways use an extra layer of encryption for all your network traffics which carries sensitive innhold by using technologies such as Secure Shell, and other reliable protocols to encrypt.You may be interested in reading:Important Know-hows to Tackle WPA2 WiFi Vulnerability!
