
KRACK! - Wi-Fi Users Beware!!!

Lo and behold! Yet again a new bug has begun to ensnare our cyber presence and this time it targets EVERY WIFI ROUTER EVERYWHERE!


The intention is not to be a 'damsel in distress' here. This is a very real threat to all internet users who use Wi-Fi to connect to the internet - which means all of us. This new bug, nicknamed 'KRACK' (Key Reinstallation Attack), uses the vulnerabilities in the WPA2 protocol that governs the encryption technique of the Wi-Fi router. IT security departments and managed SIEM services are aggressively trying to patch up this problem before nefarious attackers try to profit from these vulnerabilities.



How does AES work?

WPA2's encryption mechanism is dictated by an encryption protocol called AES, which is short for Advanced Encryption Standard. The encryption standard uses a chain of encrypting phrases to encrypt the information that is in the air, moving between the laptop and the Wi-Fi router. If it is not encrypted, then anyone can pick up the signals and view your Facebook as you post your status. That 'chain of passphrases' is unique for every packet or chunk of data that the user sends from the laptop, but this chain repeats itself after a while. These passphrases are known only to the laptop that the user is using and to the Wi-Fi router. So, to put it simply, before sending information onto the airwaves, the computer encrypts the information with a secret passphrase that the Wi-Fi router knows. The router uses the same key to decrypt the information and sends it on to the internet, and then both devices switch to the next passphrase.


How does the Bug work?

The bug was discovered by Belgian security experts Mathy Vanhoef and Frank Piessens, who were VAPT testing networks for their research. The KRACK attack uses a single vulnerability in the encryption mechanism: the attacker generates a fake "can't hear you, could you repeat that again?" message, posing as a Wi-Fi router. The user's laptop resends the same information, encrypted by the same passphrase, to the 'Wi-Fi in sheep's clothing', and before long the attacker is able to decipher the encryption passphrase. If the attack is left undetected, the entire chain of passphrases can be deciphered by the attacker. Personal information, email addresses, credit card numbers and even photos can then be viewed and used by the attacker.
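The following is an added example, not code from the original post or from the researchers: a toy model of why a repeated "install this key" message is dangerous, how a patched client ignores it, and how a defender can flag the resulting counter reuse. It assumes a SHA-256 based keystream as a stand-in for real AES, and the names `Client`, `install_key` and `reused_packet_numbers` are hypothetical.

```python
import hashlib

def keystream(key: bytes, packet_number: int, length: int) -> bytes:
    """Toy per-packet keystream (SHA-256 in counter mode), a stand-in for AES."""
    out, block = b"", 0
    while len(out) < length:
        seed = key + packet_number.to_bytes(8, "big") + block.to_bytes(4, "big")
        out += hashlib.sha256(seed).digest()
        block += 1
    return out[:length]

class Client:
    """Hypothetical Wi-Fi client; 'patched' selects the fixed behaviour."""
    def __init__(self, patched: bool):
        self.patched = patched
        self.key = None
        self.packet_number = 0

    def install_key(self, key: bytes) -> None:
        # Called every time the "install this key" handshake message arrives.
        if self.patched and key == self.key:
            return  # patched: a repeated message must not reset the counter
        self.key = key
        self.packet_number = 0  # unpatched: counter restarts, keystream repeats

    def send(self, plaintext: bytes):
        self.packet_number += 1
        ks = keystream(self.key, self.packet_number, len(plaintext))
        return self.packet_number, bytes(p ^ k for p, k in zip(plaintext, ks))

def reused_packet_numbers(frames):
    """Defender's check: packet numbers seen more than once under one key."""
    seen, reused = set(), set()
    for packet_number, _ in frames:
        (reused if packet_number in seen else seen).add(packet_number)
    return sorted(reused)

def run(patched: bool):
    key = b"constructed-session-key"  # constructed sample value
    client = Client(patched)
    client.install_key(key)
    frames = [client.send(b"status update one")]
    client.install_key(key)  # the repeated handshake message
    frames.append(client.send(b"status update two"))
    return frames
```

With `run(False)` both frames carry packet number 1, so they were encrypted with the same keystream; with `run(True)` the second frame carries packet number 2 and the check reports nothing.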


What to do?

Please make sure to update the devices that are in use and often connected to Wi-Fi. Android users are most vulnerable to this attack, and Google has said it will distribute a patch by November 6th, at the earliest. Old Android devices might not get the update in any case. Windows has already put in a patch protecting its devices from harm, and Apple has somewhat reassured its users that iPhone and Mac users are safe from this attack. Try using an Ethernet cable for a while, and move the home Wi-Fi router to a more central location so that attackers are not able to catch the signals of your Wi-Fi in the first place.

