Nowadays we are more depended on the wireless data services for our daily uses. Everyone now connects with Wifi services all day long for hassle-free connectivity service. In 2016, a severe attack found on the internet security service area, which is known as KRACK attack.
What is a KRACK Attack?
KRACK- Key Reinstallation Attack, is a severe replay attack on the Wi-Fi Protected Access protocol that secures Wi-Fi connections.
The attack works against all modern protected Wifi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites. The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations.
How KRACK attacks?
The attack works against WiFi clients and depends upon being within WiFi range of the target device. Attackers can use a special WiFi card that retransmits a previously used session key which forces a reinstallation of that key on the client device.
By doing so (and depending on exactly how WPA2 is implemented on the client device), the attacker can then send forged data to the client. For example, an attacker could silently manipulate the text and links on a web page.
What happens when this KRACK attacks?
When you log onto a WPA2 protected network, which requires your device to do a handshake with the router, both the router and your WiFi-enabled gadget agree upon an encryption key that only works between those two devices.
If it has to restart the handshake for some reason, the same encryption key is used, and that’s where KRACK comes into play. The handshake is manipulated and replayed to the victim, which restarts the session between the two devices. The attacker reads the handshake, manipulates it, then sends it on its way.
It affects all versions of WPA implementations in similar ways. This is very concerning because an attacker could decrypt packets via the TCP sequence part of a connection; and if the user is using TKIP or GCMP (which are both encryption protocols used in WPA), the attacker could decrypt and inject malicious packets. This means the attacker could force you to expose passwords to your online accounts, credit card information and any other information that you transmit via the wireless connection.
How to shield yourself from this attack?
- Turn automatic updates on
Microsoft announced within hours that they would be pushing out a fix via a security update. If you remember to patch or apply those updates, then you might be in the clear. Every smartphone OEMs already released a patch to fix this issue.
- Use HTTPS on all websites
Apply “HTTPS Everywhere” on your browser. Browse smart and use HTTPS on all sites.
- Update your Antivirus
Update your antivirus in your PC and smartphone gadgets. Even default virus definitions will be helpful in case an attacker targets you and install something malicious.
- Turn Firewalls on
Make sure that your firewalls are turned on; and if you can, switch to a wired connection instead. Clearly, you can’t do that for your tablets or smartphones, but for all portable devices,
- Use a VPN
If you have a VPN that you trust, use it.
- Check your WiFi protocol:
Downgrading to WEP is NOT an answer to this problem; it will only make things worse for you.
That was all about the KRACK Attack, do share if it helped you.