What is KRACK?
KRACK – A major vulnerability that did not produce much noise and was addressed much less than it deserved. Let’s dive in to understand what it is and how you can secure yourself.
Key reinstallation attack, or KRACK, was discovered by Mathy Vanhoef of imec-DistriNet, KU Leuven. He published a research paper, Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2, co-authored by Frank Piessens, which is available on the internet.
It is a vulnerability of WPA2-PSK, but it also works on WPA-encrypted networks. WPA2-PSK is an encrypted connection that requires individuals to connect with a password (that’s what the PSK stands for: pre-shared key).
When a user connects to a Wi-Fi hotspot, before they do any internet browsing with their laptop or phone, the device performs something called a four-way handshake. This is a process that checks that the password the user has provided is correct, and establishes the encrypted connection between the router and the device.
The attacker interferes with the initial handshake between your device and the Wi-Fi router in a way that lets them decrypt the traffic you exchange over Wi-Fi. This means they’re able to do many, many bad things without even being on the network.
In a key reinstallation attack, the adversary tricks the user into reinstalling an already-in-use key. This is achieved by manipulating and replaying cryptographic handshake messages. When the user reinstalls the key, associated parameters such as the incremental transmit packet number (i.e. nonce) and receive packet number (i.e. replay counter) are reset to their initial value.
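The counter reset described above can be modelled in a few lines. This is an added example, not code from the research paper or from any Wi-Fi stack: the `Client` class, the toy SHA-256 keystream, and the sample key and plaintexts are all constructed for illustration. It shows that an unpatched client reuses a nonce after a replayed key-install message, so two frames share a keystream, while a client that refuses to reinstall the key already in use does not.

```python
import hashlib

def keystream(key: bytes, nonce: int, length: int) -> bytes:
    # Toy keystream (SHA-256 in counter mode), a stand-in for the real cipher.
    out = b""
    block = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce.to_bytes(6, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Client:
    """Hypothetical model of a Wi-Fi client's key-install logic."""
    def __init__(self, patched: bool):
        self.patched = patched
        self.key = None
        self.tx_nonce = 0

    def install_key(self, key: bytes) -> None:
        # Hardened behaviour: a replayed handshake message carrying the key
        # that is already in use must not reset the packet number.
        if self.patched and key == self.key:
            return
        self.key = key
        self.tx_nonce = 0

    def send(self, plaintext: bytes):
        self.tx_nonce += 1
        return self.tx_nonce, xor(plaintext, keystream(self.key, self.tx_nonce, len(plaintext)))

P1 = b"known header data"   # constructed sample plaintexts, equal length
P2 = b"secret user data!"

def simulate(patched: bool):
    key = b"constructed-session-key"   # constructed sample key
    client = Client(patched)
    client.install_key(key)            # normal handshake
    n1, c1 = client.send(P1)
    client.install_key(key)            # replayed handshake message
    n2, c2 = client.send(P2)
    # With a reused nonce both frames share a keystream, so c1^c2 == P1^P2.
    return n1 == n2, xor(c1, c2) == xor(P1, P2)

if __name__ == "__main__":
    print("unpatched:", simulate(False))
    print("patched:  ", simulate(True))
```

The first value returned by `simulate` says whether the two frames were sent with the same nonce; the second says whether the ciphertexts cancel down to the XOR of the plaintexts, which is what makes a reset counter a confidentiality failure.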
The attacker doesn’t even need to connect to the network – only to listen to the data you exchange with an access point and emit their own packets back to change things on your system and the router.
This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.
How to protect yourself?
A key way to protect yourself is using a VPN. Since a virtual private network creates a tunnel that encrypts your personal information and browsing activity, anyone using a reputable VPN is safe from a KRACK attack. However, the key word here is reputable.
A VPN also safeguards against having your personal information hacked when you use public Wi-Fi hotspots. VPNs can help you circumvent being tracked by your Internet Service Provider, your IT department at work, and even government surveillance.
It’s very tough to choose the right VPN, so choose wisely: use a paid one, pay regularly, and most importantly choose one you trust and are familiar with. Stay updated, stay safe.