WiFi “Krack” Vulnerability in WPA2: What You Need to Know

On 16 October 2017, a vulnerability known as KRACK was publicly disclosed in WPA2, the security protocol used by almost every wireless network deployed since 2004. It lets an attacker within radio range of a device break the encryption of what should be a secure WiFi connection, without the victim noticing until it is too late for them to do anything about it. To make matters worse, the vast majority of wireless devices use WPA2 to negotiate entry into a network.

And the story isn’t over: because the fix has to reach every vulnerable device and not just the router, it might take years to mitigate the damage completely, regardless of how much effort software manufacturers like Apple and Microsoft make to patch their systems.


To understand the KRACK vulnerability (as it’s called in the media, short for “Key Reinstallation Attack”), we first have to know how WPA2 works. A device and the router already share a secret derived from the WiFi password before any traffic flows; what they still need is a fresh set of encryption keys for this particular session. They agree on those keys through a four-step process known as the four-way handshake. Let’s explain this a little more in detail, since a lot of outlets get this process wrong:

  • The router sends the device a random number (a nonce). The device generates a random number of its own and, from the two numbers, the two MAC addresses and the secret derived from the WiFi password, computes the session key it will use to communicate directly with the router. This is known as the pairwise transient key (PTK).
  • The device sends its own random number back, together with a message integrity code (MIC) computed with the new PTK. The router uses the same inputs to compute the PTK on its side and checks the MIC; a correct MIC proves that the device has the password to access the network, without the password itself ever being sent.
  • The router, upon verifying the previous message, replies with the group temporal key (GTK) that is used for broadcast traffic. The GTK is encrypted under the PTK and the message is again protected by a MIC. On receiving it, the device installs the PTK and starts encrypting its traffic with it.
  • The device replies with a confirmation, after which the router installs the PTK as well, and the device has effectively entered the network.

The process is a little more complicated than I described it, but for the purposes of our next explanation, it suffices.

Attackers within radio range who want to exploit the vulnerability can trick the device into “reinstalling” a key it has already negotiated with the router. The weak spot is the third handshake message: if the router does not receive the device’s confirmation, it retransmits that message. An attacker who blocks or delays the confirmation can therefore replay the third message, and a vulnerable device accepts it, reinstalls the same PTK and resets the packet counter it uses with that key back to zero. A key like this must never encrypt two packets with the same counter value; once it does, someone who captured both packets can combine them to recover their contents and, depending on the encryption mode in use, replay or forge packets as well. On some Android and Linux devices the reinstalled key was even an all-zero key, which made the traffic trivially readable. Note what the attack does not do: it does not reveal the WiFi password, and the attacker cannot simply join the network with it. What it does give them is the ability to read, and in some cases tamper with, the traffic between the victim and the router that WPA2 was supposed to protect.
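The handshake steps listed above and the key reinstallation just described, as an added runnable model that is not part of the original article. The PMK derivation (PBKDF2-HMAC-SHA1), the PTK expansion (the 802.11i PRF) and the EAPOL MIC (truncated HMAC-SHA1) follow the real WPA2 definitions; the one assumption is that CCMP’s AES-CTR keystream is replaced by an HMAC-based keystream so the example needs only the Python standard library. The passphrase, SSID and MAC addresses are constructed for the example. The property that matters is the same as in the real protocol: the same key with the same packet number produces the same keystream, so a reinstall that resets the counter lets an eavesdropper recover plaintext without ever learning the key or the password.

```python
"""Model of the WPA2 four-way handshake and the KRACK key reinstallation.

Real parts (per IEEE 802.11i): PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096, 32);
PTK = PRF-384(PMK, "Pairwise key expansion", MACs || nonces); EAPOL MIC =
HMAC-SHA1(KCK, frame) truncated to 16 bytes.
Assumption of this example: CCMP's AES-CTR keystream is stood in for by
HMAC-SHA256(TK, packet number) so the code runs on the standard library alone.
The property KRACK abuses is identical: same key + same packet number = same keystream.
"""
import hashlib
import hmac
import os


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA2-Personal: the password and SSID become the 256-bit PMK."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf_384(key: bytes, label: bytes, data: bytes) -> bytes:
    """802.11i PRF: HMAC-SHA1(key, label || 0x00 || data || i) for i = 0, 1, 2."""
    out = b"".join(hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
                   for i in range(3))
    return out[:48]


def derive_ptk(pmk: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes, snonce: bytes) -> dict:
    """PTK = KCK (MIC key) || KEK (wraps the GTK) || TK (encrypts data frames)."""
    data = min(ap_mac, sta_mac) + max(ap_mac, sta_mac) + min(anonce, snonce) + max(anonce, snonce)
    ptk = prf_384(pmk, b"Pairwise key expansion", data)
    return {"kck": ptk[:16], "kek": ptk[16:32], "tk": ptk[32:48]}


def eapol_mic(kck: bytes, frame: bytes) -> bytes:
    return hmac.new(kck, frame, hashlib.sha1).digest()[:16]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def keystream(tk: bytes, pn: int, length: int) -> bytes:
    """Stand-in for the CCMP keystream: depends only on (TK, packet number)."""
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(tk, pn.to_bytes(6, "big") + bytes([block]), hashlib.sha256).digest()
        block += 1
    return out[:length]


class Client:
    """The device side of the handshake. patched=False reproduces the KRACK bug."""

    def __init__(self, pmk: bytes, mac: bytes, patched: bool):
        self.pmk, self.mac, self.patched = pmk, mac, patched
        self.snonce = os.urandom(32)
        self.ptk, self.installed, self.pn = None, False, 0

    def handle_msg1(self, ap_mac: bytes, anonce: bytes):
        """Msg 1 carries the router's nonce; the device can now compute the PTK."""
        self.ptk = derive_ptk(self.pmk, ap_mac, self.mac, anonce, self.snonce)
        msg2 = b"msg2" + self.snonce
        return msg2, eapol_mic(self.ptk["kck"], msg2)

    def handle_msg3(self, msg3: bytes, mic: bytes):
        """Msg 3 (GTK + MIC) makes the device install the PTK and answer with msg 4."""
        if not hmac.compare_digest(eapol_mic(self.ptk["kck"], msg3), mic):
            raise ValueError("bad MIC on message 3")
        if not (self.installed and self.patched):
            # Vulnerable: a retransmitted msg 3 re-installs the key AND resets the
            # packet number. The fix: once the key is in use, do not install it again.
            self.installed, self.pn = True, 0
        msg4 = b"msg4"
        return msg4, eapol_mic(self.ptk["kck"], msg4)

    def encrypt(self, plaintext: bytes):
        self.pn += 1  # CCMP packet number: a nonce that must never repeat under one TK
        return self.pn, xor(plaintext, keystream(self.ptk["tk"], self.pn, len(plaintext)))


def run_handshake(patched: bool) -> dict:
    """Constructed scenario: attacker blocks msg 4 and replays msg 3 after the first packet."""
    pmk = derive_pmk("correct horse battery staple", "HomeNet")  # constructed credentials
    ap_mac, sta_mac = bytes.fromhex("001122334455"), bytes.fromhex("66778899aabb")
    client = Client(pmk, sta_mac, patched)
    anonce = os.urandom(32)
    msg2, mic2 = client.handle_msg1(ap_mac, anonce)                    # msg 1 -> msg 2
    ap_ptk = derive_ptk(pmk, ap_mac, sta_mac, anonce, msg2[4:])        # router derives the same PTK
    if not hmac.compare_digest(eapol_mic(ap_ptk["kck"], msg2), mic2):  # proves the device knows the password
        raise ValueError("device does not know the passphrase")
    msg3 = b"msg3" + b"<GTK wrapped with KEK>"                         # key wrapping itself omitted
    mic3 = eapol_mic(ap_ptk["kck"], msg3)
    client.handle_msg3(msg3, mic3)                                      # device installs PTK, sends msg 4
    pt_a, pt_b = b"GET /balance HTTP/1.1", b"GET /history HTTP/1.1"
    pn_a, ct_a = client.encrypt(pt_a)
    client.handle_msg3(msg3, mic3)  # msg 4 never arrived: router retransmits msg 3 unchanged, MIC still valid
    pn_b, ct_b = client.encrypt(pt_b)
    # Eavesdropper: if the packet number repeated, ct_a ^ ct_b == pt_a ^ pt_b, so knowing
    # (or guessing) pt_a reveals pt_b without ever learning the key or the password.
    recovered = xor(xor(ct_a, ct_b), pt_a)
    return {"pn_reused": pn_a == pn_b, "recovered": recovered, "target": pt_b}


if __name__ == "__main__":
    for patched in (False, True):
        r = run_handshake(patched)
        print(f"patched={patched}: packet number reused={r['pn_reused']}, "
              f"attacker recovered target={r['recovered'] == r['target']}")
```

Running it prints that the unpatched client reuses packet number 1 after the replayed message and the eavesdropper recovers the second request in full, while the patched client, which refuses to reinstall a key already in use, keeps counting and gives the attacker nothing. That refusal is exactly the change the vendor patches made; it also shows why the fix belongs on the device, not only on the router.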


So, if an attacker can read and tamper with your WiFi traffic without your knowledge, how are you supposed to protect your information? Keep in mind that the attack breaks only the WiFi layer of encryption: anything encrypted again above it, such as an HTTPS connection to your bank, is still protected, and an attacker would have to strip or break that second layer too before they could manipulate packets to make a payment on your behalf. That is harder, but it has been demonstrated against sites that do not enforce HTTPS properly, so do not rely on it alone.

The first step is avoiding WiFi altogether for sensitive things like logging into your online banking application. For these things, you could use your cellular network. It might cost a penny or two (if you have a data plan that charges per X amount of data transferred), but your traffic then never crosses the vulnerable WiFi link at all, let alone some $40 router at a coffee shop.

If you cannot avoid WiFi and you must do something now, I highly suggest connecting to a virtual private network (VPN) before you go through with it. A VPN will not make you immune, but it adds an independent layer of encryption between your device and the VPN server, with its own keys that have nothing to do with the WPA2 handshake. Even if an attacker manages to decrypt the WiFi frames, all they get is the VPN’s ciphertext. Pick a VPN that keeps all of your traffic inside the tunnel (including DNS lookups); anything that leaks around it is back on the vulnerable link.

If you do not have a VPN, then just know that you’re taking a risk in doing what you need to do over WiFi. You can minimize this risk by enabling multi-factor authentication with your bank and the other applications you use, and by making sure you only log in to sites over HTTPS. A page that quietly loads over plain HTTP is exactly what an attacker in this position would try to serve you.

It’s not the end of the world, but that doesn’t mean you shouldn’t be vigilant and protect all your valuable data as much as you can. These steps should be followed regardless of whether the WiFi connection you’re on is vulnerable or not.

Also, since most people do not install firmware updates on their routers, it will likely take years until this particular vulnerability is completely phased out. The good news is that the flaw sits mostly on the device side of the handshake: updating the operating system on your phone and laptop protects that device’s traffic even on an unpatched router, while the router itself mainly needs the fix if it also acts as a client (a repeater, for instance) or supports fast roaming. Still, it wouldn’t hurt to update your own router’s firmware and inform your favorite locales to do the same!

What else do you do to protect your data? Tell us all about it in a comment!

15 comments

  1. Hi,
    If my router is in the basement and the signal is not so great, (I can only connect inside house), can the hacker reinstall the PTK?

    Thanks.
    L.M.

    • If you can’t get a signal outside your house, then the hacker can’t get a signal to hack in, unless you invite him into your house where there is a signal.

    • Unless they have signal, no. But this isn’t a typical concern in home networks. A lot of hackers would choose to target public Wi-Fi networks at airports or large venues with lots of access points where there are hundreds or thousands of victims to choose from.

  2. Are there any software apps or packages that help secure WIFI better from hackers for cell phones and laptops.

    • You can just use apps that have end-to-end encryption. Or connect to some kind of VPN. The validity of Wi-Fi handshakes is usually up to the access point to interpret.

  3. Does this also apply to my own wifi devices (modem-router and mifi)? I understand that it’s less likely, but this seems to hinge on the sentence, “Hackers who want to exploit the vulnerability are able to “reinstall” the keys negotiated between the router and the device”.

    • The keys I discuss in the article are PTK keys that are generated each time a new device connects to the network. A hacker can only do this in each instance the PTK is generated.

      This means that hackers can’t manipulate the router’s settings itself. It’s just an intrusion on one device’s particular communication with the router. And yes, this applies to home routers as well. Keep your firmware up to date. If your firmware is patched against this, you should be fine.

  4. I’ve started to register all my allowed WiFi devices by MAC in my routers and APs and activated policy only allowed to use connections. Is it enough currently whilst I change to more secure devices or schema?

    • Theoretically, a hacker can also spoof your MAC address and it is not extraordinarily hard to find out. But you can rest assured that most hackers won’t make a concerted effort in trying to breach a home network’s communication. There is very little to gain out of such small targets.

  5. I’ll be on the lookout for strange vehicles parked in front of my house. Otherwise, I’m not personally worried about this one.

    • If you don’t typically use public Wi-Fi networks, yes, you should be fine regardless. War-driving (i.e. looking for vulnerable or open home networks) isn’t a typical thing hackers do. They stand more of a chance hacking an airport’s Wi-Fi network.

  6. How about an article on updating a router’s firmware?
    I’m renting it so does it automatically get updated by them?

    • Each router manufacturer has its own instructions with regard to firmware updates. If you are renting your router, you will have to ask your ISP about updating the firmware. You can probably do it manually.

  7. Hello to you all…

    Please do not panic. This whole thing actually reminds me of a movie in which a military weapon called “OPEN EYE” could indeed break into anyone’s camera or any digital equipment connected to the Internet! I cannot understand what all the fuss is about. This is a vulnerability like all the others… believe me, there are much, much worse ones out there besides K.R.A.C.K., a lot of which never got any publicity at all and probably never will. Why? Well, use your head to think about it.

    I will say one more thing about WiFi routers. WPS mode, when enabled, is much, much worse than K.R.A.C.K. and very easy to crack, and no one ever said anything about it or came out so hard in public about it. It is no secret any more, and there is nothing you can do to protect yourself besides disabling it completely. Well, a lot of people know that, but many do not.
    As far as I know, the TP-LINK company (a well-respected company) announced that none of their products have the K.R.A.C.K. vulnerability if they operate in AP and router mode, which they all do. My opinion is to… try to find decent hardware and you do not have to fear anything.

    Just think about it… when “they” were designing the WPA2 protocol, no one ever thought of this vulnerability??? Well… the answer is YES, but of course these kinds of “people” want to have the upper hand on the masses and, most important, they want PROFIT.

