What is KRACK or Key Reinstallation Attack? Measures of protection
Wi-Fi is a major convenience for homes and businesses today. It allows users to log on to a particular network, stream media or connect to the Internet with ease. It also plays an important role in keeping homes secure. A device that connects to public Wi-Fi can allow a hacker to access your home network or business systems as long as they are connected to the same network. If hackers get into your network, they can steal valuable data from your devices and systems, like important documents or photos. Even if you use password-protected networks, most people choose open Wi-fi hotspots because they are convenient and affordable. However, there’s nothing more dangerous than unsecured open Wi-Fi networks. They can be attacked by hackers called “krackers” - named after the attack in which KRACK (Key Reinstallation Attack and Renew). We will talk more about this problem in this article.
WPA2 is a four-way handshake protocol that secures wireless connections in 802.11i/802.11n networks by providing an authenticated key exchange between the access point (AP) and the supplicant stations during initial connection. WPA2 has been widely deployed since 2004, in billions of devices including routers, mobile phones, laptops, and more.
KRACK attack definition
KRACK or Key Reinstallation Attack and Renew is an attack that hackers have been using with WPA2 (WiFi Protected Access II) wireless encryption standards to intercept communications between clients and access their networks without being detected as well as inject malicious code into wireless connections.
Since it has been discovered over two months ago, many companies have been working really hard on finding solutions and fixes for it: Google has released patches for Android, Linux kernel has patched many vulnerabilities found in it, Microsoft has released security updates for Windows 10 computers that include mitigations against Krack attacks, Apple released security updates for MacOS High Sierra v10.13.5 that fix issues related to the attack but unfortunately no fix
How Do KRACK Attacks Work?
KRACK exploits a vulnerability in WPA2 wireless encryption standards so that attackers can intercept communications between clients and access their networks without being detected. It works by exploiting four vulnerabilities, which are:
- The key reinstallation attack (KRACK) - allows attackers to decrypt intercepted data at will
- the fractured handshake protocol (a man-in-the-middle attack) - allows attackers to decrypt data or forward it to another destination
- the group key handshake attack (a man-in-the-middle attack) - allows attackers to decrypt data or forward it to another destination
- the key caching vulnerability (a man-in-the-middle attack) - allowing an attacker to sniff traffic or impersonate users on open WiFis
How to protect against KRACK attacks?
The best solution to protect against KRACK attacks is to update the device software and change the Wi-Fi network password.
If you are worried about the potential impact of KRACK attacks on your privacy, you can use a virtual private network (VPN). A VPN service encrypts all your network traffic, so attackers can't intercept it or track it. In fact, there's even a company that has already created a free VPN service called NordVPN. But as with any system, it's only as safe as its weakest link. If you're using an unsecured Wi-Fi hotspot, you could be at risk for Krack attacks if someone else has access to the network. So before connecting to open Wi-Fi networks anywhere, make sure they're secured by using WPA2 encryption standards.
If you have already been affected by the Krack attack, there’s still hope. You can fix your Wi-Fi by simply applying these fixes.
The easiest way to fix your Wi-Fi is to follow the steps below and make sure that you never connect to any unsecure networks in the future:
- Open up your router settings (in most cases, this will be found under “admin” or “advanced”)
- Update your router's firmware
- Enable WPA/WPA2 Personal authentication
- Enable a strong password and not just any password (use 10 characters minimum)
- Limit network access with port forwarding rules
- Install a VPN for added security
Subscribe for the latest news
Our recent webinar with the industry overview and product demo.
Solution brief on protecting apps and APIs with Wallarm.