Your home Wi-Fi may not be as secure as you've been assuming it to be. Security researchers have found that Wi-Fi Protected Access II, commonly referred to as the WPA2 protocol, has encountered severe vulnerabilities that can allow attackers eavesdrop on Wi-Fi traffic between computers and wireless access points.
The WPA2 protocol is the most common wireless encryption scheme currently in use to protect personal and enterprise Wi-Fi networks. According to researchers, critical vulnerabilities have crippled this 13-year-old protocol, potentially allowing hackers to get access to any unencrypted traffic and even inject malicious content.
All these vulnerabilities can be seen in action in the form of a proof-of-concept exploit dubbed KRACK, which is the short form for Key Reinstallation Attacks. Discovered by security researcher Mathy Vanhoef, KRACK takes advantage of a four-way handshake used to create an encryption key to secure the traffic, Ars Technica reported, citing a researcher.
Attackers, within the range of a victim, "can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on," researchers described in the website krackattacks.com.
Here're some shocking revelations resulted from by Vanhoef's discovery:
- The attack works against all modern protected Wi-Fi networks.
- Depending on the network configuration, attackers can inject ransomware or other malware into websites.
- Any correct implementation of WPA2 is likely affected. Therefore, if your device supports Wi-Fi, it is most likely affected.
- All major platforms, including Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks.
- Currently, 41 percent of Android devices are vulnerable to this attack.
Meanwhile, The United States Computer Emergency Readiness Team recently issued the following warning to about 100 organisations:
US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.
The vulnerabilities are also scheduled to be formally presented on November 1 in a talk titled Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 at a security conference in Dallas.
What's the best solution?
According to Vanhoef, the best possible measure that Wi-Fi users should take is to update all their devices that use a Wi-Fi network to connect to the Internet. They should also update the firmware of their router.
Although changing the Wi-Fi password does not prevent the attack, users can optionally change the password as an extra precaution, after updating their router.