Theo Thimou, Clark.com
It’s one of the most dangerous tech exploits ever discovered and it can impact any wireless device that accesses a public or private Wi-Fi network.
We’re talking about the KRACK attack!
When this pernicious attack is deployed, your data that’s supposed to be protected on a home or business Wi-Fi network goes up for grabs for any criminal to snatch.
Unfortunately, if you read the techie blogs trying to get the inside track on KRACK, you’re likely to come away confused.
Between all the jargon they throw around and the befuddling snippets of malicious programming that they embed as illustrations, your eyes are likely to glaze over pretty quickly!
So here’s a simple KRACK primer to get you started with some background knowledge.
8 things to know about KRACK
Here at Clark.com, we aim to demystify the hype around new tech security developments and give you actionable advice.
No code, no confusion and no clutter. We promise!
OK, let’s get started…
Why the name KRACK?
KRACK stands for key reinstallation attacks.
Cut to the chase: What’s the real threat from KRACK?
Basically, KRACK threatens the handshake portion of the Wi-Fi Protected Access II (WPA2) protocol.
A “handshake” is done whenever someone tries to sign on to a protected Wi-Fi network. The handshake establishes that you have the correct password for the network.
After the handshake, a new encryption key is generated to lock down traffic for security purposes. That’s where the key reinstallation attack part comes in.
The reinstallation is the Achilles’ heel here; using a simple exploit, a criminal can trick a targeted network into reinstalling a key that’s already in use.
But these keys are a “one and done” kind of thing. If a key that’s already in use is secretly introduced into WPA2 protocol, it can be exploited and finagled to reveal the very data it is intended to protect.
What does this mean for the average user?
Your data is at risk on both private and public Wi-Fi networks.
The KRACK research website is filled with ominous pronouncements like “The attack works against all modern protected Wi-Fi networks” and “if your device supports Wi-Fi, it is most likely affected.”
In addition, Vanhoef says criminals “might be able to inject ransomware or other malware into websites.”
Aren’t sites with secure ‘https’ protocols protected?
“Although websites or apps may use HTTPS as an additional layer of protection, we warn that this extra protection can (still) be bypassed in a worrying number of situations,” Vanhoef writes on KRACKAttacks.com.
“For example, HTTPS was previously bypassed in non-browser software, in Apple’s iOS and OS X, in Android apps, in Android apps again, in banking apps, and even in VPN apps.”
What actions should I take right now?
As crazy as it sounds, the safest way to play this is to not use Wi-Fi at all until a proven fix is in place across the board.
Do everything you have to do over cellular data, not wireless data.
Is there a patch available?
Yes and no. It depends on what kind of device and operating system you have, according to Wired.
If you’re an iPhone, Mac, or Windows computer person, patches are available.
While the patches should, in theory, have updated and rendered automatically for you, your best bet is to manually check and make sure you’re current with all your updates.
For those using Android, Wired reports there is a patch in the works that will be deployed first to Pixel and Nexus users. Then it will be made available for everybody else.
Can I just change my Wi-Fi password and not worry about all this?
No. In fact, an attacker who uses the KRACK exploit has no way to recover the password of a targeted Wi-Fi network.
The crazy thing is, they don’t even need your username or password to inflict the damage they’re capable of inflicting via this exploit.
Instead of relying on changing your password, Vanhoef says you should update the firmware of your router instead. Check out this frequently updated list of router vendors that have issued KRACK patches.
That said, it’s never a bad idea to change the Wi-Fi password once you’re all patched up!
How can I learn more?
The best ongoing source for info is the official KRACKAttacks.com site hosted by researcher Mathy Vanhoef.