Most of you must have heard about a latest Wi-Fi attack named KRACK lately. May be, you haven’t hear of it. Thats okay. This blog post will give a brief explanation by answering few possible FAQ’s you must be having regarding the KRACK Wi-Fi attack. Here we go..!
1. What is this KRACK attack?
Key Reinstallation Attack (KRACK) is a Wi-Fi related vulnerability found by a security researcher named Mathy Vanhoef. The vulnerability basically enables to exploit a flaw in the WPA2 protocol, which may allow an attacker to hack into your Wi-Fi network and eavesdrop your communications. For your information, Wi-Fi Protected Access 2 (WPA2) is a protocol used to establish secure communication in your Wi-Fi network.
2. Okay. Is my home Wi-Fi router is also affected?
The short answer is, YES
Since the flaw is in the protocol itself and not in a particular model of router or device, all the devices having WPA2 capability is affected by this vulnerability. Of course your home router, office router, and all the routers around you are affected.
3. What can an attacker do, if you are compromised?
Simply saying, if an attacker compromises your router, they can simply steal almost all the information transferred via that router. If we put it to example, credit card details, user names and passwords used to login to websites, emails, etc. But one thing, this attack is not meant to steal the user name and passwords of the Wi-Fi router, which means, the password of your router is safe. But, the attacker doesn’t need your router’s password to really steal your data!. Put it in another way, there is no point changing the password of your router. That won’t prevent you from KRACK attack. That’s bad though!
4. If the attacker doesn’t need my router password, then how does the attack work?
The vulnerability is actually found in a process called 4-way handshake of the WPA2 protocol. If anyone need more technical detail on the attack, you can find the paper published by the researcher through this link.
5. Alright! Am I safe or not? What should I do now?
Good question. We cannot firmly say whether you are safe or not. But there is a good news. Unlike most of the other attacks, this attack cannot be performed through the internet. Which means, if an attacker wants to attack your router, he should be physically closer to your router. That means, a skilled attacker who is somewhere in the world cannot hack you. But a person who is near to you, with enough skills may try to attack you. It’s your call now to analyze whether you’re safe or not.
6. Is there any patch available? How to be safe?
By the time I am writing this blog, there is no patch available. You have to wait for a firmware update from your router vendor. As per the researcher’s advice, communication over HTTPS may be safer, but may be not 100 percent. What you can do is to setup a VPN which sends all your traffic through encrypted channel.