KRACK stands for “Key Reinstallation Attack”, it has come to remind us that cybersecurity is a daily task. That what is safe today may not be tomorrow.
This attack on the Wi-Fi WPA2 security protocol was discovered by researchers at the Catholic University of Louvain, Belgium. It is an exploit that violates access to the network, leaving exposed information on all devices that are connected to it.
The WPA2 protocol is considered the safest, since it protects access with an encrypted alphanumeric key. However, this attack acts right on the handshake and manipulates the access process, generating a duplicate of the key. Once inside, the hacker could inject a virus or steal information from network users.
The peculiarity of this exploit is that it affects any type of platform and all types of encryption: WPA-TKIP, AES-CCMP, GCMP … Of course, the hacker has to be close to the network that he intends to attack, can be run remotely.
The immediate solution to this problem are the updates and patches that have to provide the responsible companies. All routers and WIFI devices are working on these solutions. Some have already made them available to users and others are in the process of doing so.
Android devices are the most affected by this vulnerability, 41% of them are at risk. Google has promised an update for the beginning of November, but will only affect its own devices, because the brands that include Android in their terminals, are those that will develop the patch for each device. So the process can be long.
From here, the big question arises: can we avoid being victims of this type of malicious attacks?. As in most scenarios, there is no zero risk, but we can adopt prevention policies that would help reduce the odds of cybercrime or at least minimize harm.
Safety tips on the use of WI-FI networks:
- Continue to use the WPA2 protocol, as it is still the safest.
- Set a strong password and change it frequently.
- Filter the MAC connections of the router, so that only previously authorized users access.
- Disable on the router:
- Repeater mode
- Fast roaming
- Remote access
- Hide the SSID (Service Set Identifier)
- Keep the firmware updated
- Change network security to 802.1x
- As far as possible, browse pages with secure https protocol
- Avoid connecting to public WI-FI networks
If you want peace of mind, you can look for an application or cybersecurity system that allows you to protect sensitive information stored on all your devices. Thus, if they manage to break all the firebreaks commented, your data will not be exposed. Syneidis has a solution that fits your needs.
You may also be interested: Cybersecurity Tips for small and medium businesses