It seems like every year, we get word of bigger and more dangerous cyber-threats - and the so-called "KRACK Attack" is almost certainly among the biggest yet. Why? Because it potentially affects basically every WiFi-capable device out there which has been manufactured in the last decade or more. That includes both access points and user hardware.
This one isn't pretty, but it's vital that everyone be aware of what this attack is, what it could do, and what options are available to prevent it.
What is KRACK Attack?
KRACK Attack is a new hack exploiting a vulnerability in the WPA and WPA2 WiFi encrypted authentication protocol. WPA/WPA2 are by far the most widely-used WiFi security protocols in the world. They're effectively the default for most users and hardware.
It does not target passwords, but rather the authentication routine itself. In short, it enables a hacker to insert their own encryption key into authentication, allowing them to be a "man in the middle" and intercept all data being transmitted between users and access points.
In theory, that means they could have access to everything sent in either direction.
What hardware and software is affected?
Everything. That's the scary thing about this attack. Every major WiFi access point, every OS, every smartphone, every end-user device uses WPA encryption. This goes back 10-15 years. If you have an old Nintendo DS video game from years ago sitting around, even that has WPA security.
What actual attacks exist or have happened?
That's the only good news here. As of yet, there are no confirmed instances of actual tools existing that utilize the attack hack. Because it was made public in such a grandstanding manner, that gave security researchers time to work on fixes before actual attacks happened.
However, make no mistake: they will come. Hackers thrive on attacking older or unpatched hardware, so the existence of patches today won't stop them from preying on those who are unpatched. In particular, it seems very likely they'll target public WiFi in places such as cafes, libraries, hospitals, and soforth.
How do you protect yourself?
By patching your devices. The KRACK Attack vulnerability can be patched out relatively easily, and many of the biggest names - like Microsoft, Apple, Cisco, and Netgear - have already gotten patches out. So go look for firmware updates for all your WiFi devices, ASAP.
But here's the bad news: If you're running a patched device but you're attempting to connect to an unpatched WiFi Access Point at a cafe, you're still vulnerable. How can you tell if their AP is patched? You can't. You'd just have to ask them directly, and hope they have someone with a clue managing their WiFi.
And on top of that, it seems inevitable some manufacturers will drag their feet. Or if we're talking about older hardware that's no longer manufactured, it may never get an update at all.
This is serious, so take it seriously.
The dangers here really can't be overstated. If you're running a WPA/WPA2 WiFi network, there could be someone camped out in the alley behind your building tomorrow, snooping on all your data. Contact your manufacturers and software devs, get patched protocols, and keep pestering them if they haven't patched yet.
If they don't patch, the only other recourse is buying new hardware. We don't like trying to turn a profit off situations like this, but that's truly the bottom line: If you can't get a patch for your WPA device, replacing it is the only other option.
Do you have other questions about KRACK Attack? Just contact us.