The KRACK attack: what has been done and what we can do to protect ourselves


For the last few years we have banked on the idea that adding a password to our WiFi box is enough to keep hackers at bay but the simple fact is - it’s not.

The recent KRACK attack, which targets a flaw in the WPA2 (WiFi Protected Access) encryption standard used on almost every wireless system on the planet, highlighted the potential for disaster in terms of maintaining the privacy of internet users worldwide. The event was so named after details of the weakness were first posted on the website krackattacks.com, a site specialising in research on key reinstallation attacks.

The WPA2 security breach has shone a light on the naive approach to cyber security of many companies, and the implication is that there are literally hundreds of thousands of businesses not properly equipped to deal with a breach. In this case it seems like the outcome hasn’t been too severe but, given the frequency of system attacks in general, it is unlikely to be the last concern we will have about our routers.

Such a breach can include access to personal information, including bank details and account passwords. The latest IoT connected gadgets and devices that can be accessed remotely are also exposed as a result.

There’s a lot that could go wrong but, and here’s the good news, a great deal is being done by systems providers, and there are steps you can take yourself, to alleviate the threat posed by KRACK.

What the suppliers have done

Devices running Windows or iOS are already protected and patches are being developed for devices that use other operating software. In addition, websites that use Hypertext Transfer Protocol Secure (those with the HTTPS prefix and a padlock symbol in the website address bar) remain protected. This covers pages such as Amazon, Ebay and most online banking sites.

A further step to consider is to invest in networking equipment and hire an external service provider to take network security off your hands and help ensure your WiFi is safe.

Many manufacturers of routers and connection points were aware of the weakness prior to the story breaking. Most have now designed automatic security updates to address system shortcomings; MikroTik, Ubiquiti and Aruba are amongst the suppliers to have already issued updates making them safe to use. If you are using a public WiFi network, ask the host if a patch has been supplied; if you are unsure, it would be best to use 3G or 4G until you receive confirmation the service is safe.

Fortunately, in this instance a rapid response from tech companies has minimised much of the disruption. The various patches and updates haven’t covered off all the potential issues, however, so individuals and businesses should consider taking some of the actions mentioned below. This will also serve them well in the case of any future large-scale attacks.

Steps individuals can take

In this case the WiFi password is immaterial: the WPA2 attack targeted the third of the four authentication steps. By resending the encryption key repeatedly, an attacker can break the security of the system. The system password just doesn’t come into it as an issue.
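An added illustration, not part of the original article: a toy model of why a resent third handshake message matters and why the password plays no part. It assumes, as the KRACK research describes, that reinstalling the key resets the per-frame nonce; the cipher is a SHA-256 stand-in rather than real WPA2 encryption, the patched behaviour is a simplified model, and all names, keys and frames are constructed.

```python
import hashlib

SESSION_KEY = b"constructed-session-key"   # constructed sample value
FRAME_A = b"frame one: hello"              # constructed sample frames
FRAME_B = b"frame two: world"

def keystream(key, nonce, length):
    """Toy keystream from SHA-256(key, nonce, block); a stand-in, not WPA2's cipher."""
    out, block = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce.to_bytes(8, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class Client:
    def __init__(self, patched):
        self.patched, self.key, self.nonce = patched, None, 0

    def on_message3(self, key):
        # Simplified model of the fix: never reinstall a key already in use.
        if self.patched and key == self.key:
            return
        self.key, self.nonce = key, 0      # installing a key resets the nonce

    def send(self, plaintext):
        self.nonce += 1
        return self.nonce, xor(plaintext, keystream(self.key, self.nonce, len(plaintext)))

def two_frames(patched):
    """Send two frames with a replayed handshake message 3 in between."""
    client = Client(patched)
    client.on_message3(SESSION_KEY)
    first = client.send(FRAME_A)
    client.on_message3(SESSION_KEY)        # the resent third message
    second = client.send(FRAME_B)
    return first, second

def nonce_reused(patched):
    (n1, _), (n2, _) = two_frames(patched)
    return n1 == n2

def leaks_plaintext_xor(patched):
    # With a repeated keystream, c1 XOR c2 equals p1 XOR p2: no key or password needed.
    (_, c1), (_, c2) = two_frames(patched)
    return xor(c1, c2) == xor(FRAME_A, FRAME_B)

if __name__ == "__main__":
    for patched in (False, True):
        print(patched, nonce_reused(patched), leaks_plaintext_xor(patched))
```

In the unpatched model both frames are encrypted under the same nonce, which is why updating the device, not changing the password, is what closes the gap.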

Flashing, the process of upgrading a router’s firmware, will address vulnerabilities in routers in the home. Whether the router was provided by an Internet Service Provider or purchased by the owner, a small amount of work is required for it to be returned to full service. The manufacturer’s instructions normally cover the best way to perform this work and details of this process can also be found online. In addition, most computer repair stores or IT service shops will do this for a fee if you are not confident in performing the work yourself.

Probably best known and popular for allowing the streaming of services like Netflix from different regions, a Virtual Private Network (VPN) is an easy and effective way to protect your data and something that is likely to increase in popularity as the public becomes more aware of its benefits. This approach constructs a virtual tunnel between the user’s device and the data destination. The technology is pretty solid and if an intruder accesses the network, the level of encryption will make any data stolen unusable. Many local authorities already use it and there are a variety of VPN services available.

A degree of uncertainty surrounds some of the IoT type appliances where updates are not readily available. The individual manufacturers should be advising their customers if and when an upgrade is available. On the whole though, the advice is that people can continue to use these products as normal.

Business WiFi

Venues, such as bars, cafes and restaurants, providing guest WiFi have to assure customers the service is safe to use. The type of login that requires a password written on a board doesn’t cut it. This is not secure for anyone and presents a hacker with the keys they need to access the host’s system and intercept any user’s details. Using a public WiFi service provider enables a secure setup that uses unique details such as an email address or social media login and will also automatically log the customer back in when they return.

In terms of the KRACK attack, a further benefit of using a public WiFi service is that automatic system updates take place straight away instead of requiring approval from the user. You can’t be sure if this has happened with a venue using the old-school password system.

Whether it is the KRACK attack or another form of online security breach, our increasingly integrated world, with items like Amazon’s Alexa, smart heating systems and greater online lifestyle, makes us more vulnerable if our systems are compromised.

This shouldn’t make us less inclined to use the internet in our daily life, far from it. The recent attacks go to show there is an array of effective tools out there to protect us and our online lives. We just need to be aware of what we can do and avoid complacency.

Patrick Clover, Founder, BLACKBX
Image Credit: Chris Oakley / Flickr