When we use WiFi to transmit data, the information is automatically encrypted, using a methodology that’s part of the WiFi standard itself. But researchers just discovered a defect in this standard that allows hackers to read our data being sent over WiFi.
The defect is called a “Key Reinstallation Attack,” or “Krack’ attack.” The problem is not associated with a specific device but it affects the standard itself. That means every device that uses WiFi is affected: our phones, computers, routers, and even connected doorbells.
Mathy Vanhoef and Frank Piessens, professors at KU Leuven University, Belgium’s largest and most prestigious university, discovered the flaw and explained that the problem will occur on a “significant fraction” of devices. They found the problem to be more serious with Android and Linux devices, while devices running MacOS, Windows, and other operating systems were affected to a lesser degree.
Here’s how the hackers exploit this flaw: When they discover a vulnerable network, they make a copy of it, use the same MAC address, and change the WiFi channel being used. This now becomes a fake network that bypasses the correct one. Normally WiFi encryption, called WPA2, requires a unique key to be used for each block of text sent. However, the Krack attack allows the same code to be used repeatedly over this fake network, and this fake network allows the hacker to access the data stream.
Typically, a hacker would find a public network to breach, such as in a coffee shop or airport. When a user connects to the network, the hacker would interfere with the handshake between the network and device, and then be able to send code to the device and read information from the device. That allows the hacker to deposit malware on the device, access files, and modify the information being exchanged. Fortunately, the most likely scenario for this to occur would be for the hacker to be nearby in order to directly connect to the Wi-Fi network.
To fix this vulnerability, your devices require software upgrades. Hardware manufacturers are beginning to roll out updates. Google acknowledged that they are aware of this issue and will be patching devices in the coming weeks. Microsoft, Intel, and Cisco said they’ve released security updates and advisories for their hardware. And the latest iOS 11 beta being sent to developers already has the fix and will be provided to iPhone and iPad users shortly.
This is just another reason why it’s important to always upgrade your device’s software to the most recent releases. When vulnerabilities such as these are announced, they inform the hackers of new opportunities for exploitation and go after those that are slow to or don’t bother to upgrade.