Posted on October 18, 2017 at 12:16 PM
New hacking technique “Krack” can compromise the safety of Android users’ data.
New research has confirmed that the widely used WPA2 protocol, which is responsible for securing all Wi-Fi networks, has been hacked. Essentially, this means that all devices used to connect to a Wi-Fi network, including smartphones, tablets, laptops, computers, gaming consoles, etc., are now vulnerable to data theft.
The vulnerabilities were discovered by Mathy Vanhoef, a security researcher at the Belgian university KU Leuven. The research confirmed that the flaws were not present in the devices themselves, but rather in the Wi-Fi network. This could mean that all users’ financial information, login credentials, personal chats, securities, and other documents are now vulnerable to theft by hackers.
According to Vanhoef, all data thought to be encrypted is at risk. The particular attack, dubbed Key Reinstallation Attack, or “Krack”, is capable of bypassing the security measures of all devices currently running Android, Linux, Windows, MediaTek, OSX, and more.
Vanhoef also confirmed that Krack is able to work against all modern protected Wi-Fi networks. According to Vanhoef, the attack is dependent on the particular network configuration. Certain weakly protected networks will make it possible for hackers to insert ransomware or malicious code into websites or devices.
The technique requires hackers to be in close physical proximity to the targeted network. The attack operates by exploiting WPA2’s 4-way handshake system, the feature which allows a device to communicate securely.
Users have been advised to download device updates and patches as soon as they become available to prevent attacks. However, developing patches could take weeks.
Vanhoef noted that the attack is particularly devastating when used against Linux and Android 6.0 devices. The researcher noted that little skill was required to intercept an Android device. In addition, OS devices also carry risk due to a variant of the Krack attack.
Google statistics released in May this year confirmed that there are currently over two billion active Android devices across the world.
Vanhoef noted that changing a Wi-Fi network’s password will do little to prevent an attack. The researcher emphasized that the best possible course of action for users is to update all individual devices as patches become available. In addition, router firmware would also require an update.
Certain manufacturers of vulnerable devices have known of the security flaws since mid-July. The US-CERT also recently issued advisory guidelines to impacted manufacturers.
For older hardware, updates may be difficult, if not impossible.
So far, experts can’t confirm whether these vulnerabilities have actually been exploited.
The Wi-Fi Alliance, an American regulatory body which is responsible for overseeing device security using the WPA2 protocol, stated that the vulnerabilities should be addressed with software updates.
Some security researchers, including Alex Hudson, have stated that the only way to prevent an attack is to switch off a device’s Wi-Fi and use mobile broadband until updates become available.
According to Hudson, this attack is similar to your firewall being compromised. Wi-Fi encryption ensures that other devices cannot communicate with your network. This technology has been under scrutiny for some time. Hudson stated that if this encryption no longer functions sufficiently, your entire network becomes vulnerable to interception of the data communicated via the network.
The vulnerability will be discussed extensively during the Black Hat Europe conference which is set to take place on 1 November 2017. The full research paper detailing the vulnerability and its scope is currently available for download.