KRACKs And ROCA Security Protocol Vulnerabilities: Routers At Risk
by Dainius Prakapavičius
Review by Charles Mohapel
CUJO, BuzzFeed News, The Verge.com, MacRumors.com News ISBN/ITEM#: CM171017ATTACK
Date: 17 October 2017
If you thought WPA2 (Wi-Fi Protected Access II) provided you with secure Wi-Fi encryption, it did for roughly 13 years. But a recently discovered critical vulnerability in the WPA2 protocol, called KRACKs (Key Reinstallation Attacks), leaves MOST modern Wi-Fi networks vulnerable to attack. And if you're arrogant enough to think that you're protected because you're running Mac OS or some flavor of Linux, you're in for a VERY rude awakening. As of this moment, only Windows users who applied the updates of October 10th, 2017 are protected.
WPA2 (Wi-Fi Protected Access II) was considered to be a secure Wi-Fi encryption suite for around 13 years. It became an industry and home standard. As recent history tells us, there is nothing 100% hack-proof.
Very recently, a research group detected a critical vulnerability in the WPA2 protocol called KRACKs (Key Reinstallation Attacks). It should be stressed that *most* modern Wi-Fi networks are vulnerable to this attack.
How severe could it be? The vulnerability could be critical. Personal data such as credit card information, passwords or your activities online could be at risk.
"During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks," notes Mathy Vanhoef, a researcher who discovered the vulnerability.
As the proof-of-concept demo below shows, various operating systems could be tricked into using a known (i.e., not secret) encryption key. That key could then be used to decrypt your internet traffic, including sensitive information. It is reassuring that most sensitive data is transferred over encrypted HTTPS, but there is still plenty of information (especially coming from IoT devices) that could be extracted from the unencrypted traffic.