KRACK targets a vulnerability in the protocol specification, so almost all Wi-Fi routers used in homes, corporations, government organizations, etc. are vulnerable.
How does the attack work?
KRACK attack targets the 3rd stage of the four-way handshake in the WPA2 protocol. This four-way handshake is how the router connects to the internet. When the client and router communicate, they use a unique cryptographic key that changes with every connection and every device. This is so other devices cannot hop on the same connection, even if it’s on the same network. However, in order to optimize the communication and minimize connection problems, the protocol allows and recommends the re-use of a cryptographic key numerous times if the router doesn’t receive an acknowledgment from the client. KRACK attack takes advantage of this and captures the one-time cryptographic key. It then retransmits the key over and over again which forces the client to reset the packet counter. By comparing the encrypted text before and after sending the key, the attacker can figure out the overall session key. From there, attackers can do many things like sniff the traffic (similar to a man in the middle attack), install any malware (like ransomware or Trojan), and trick the user into connecting to a secured website without HTTPS (although properly configured websites are not affected by this). The good news is that the attacker needs to be in the physical vicinity of your router in order to perform this stunt, so there’s less of a chance of it happening to your private home. This, however, should not undermine how important it is to take precautions.
What devices are affected?
Any device which uses Wi-Fi with the commonly configured WPA2 protocol is at risk. However, some operational systems are more prone to the attack than others. Android and Linux systems are extremely vulnerable to KRACK attack because of the implementation. In those scenarios, the attacker can force the communication to use an all-zero encryption key rendering the security useless. Windows OS is comparatively immune to this attack, and Apple has already started rolling out patches for this.
How can I stay protected against the attack?
Many think that changing your Wi-Fi password can prevent this vulnerability, but it actually does not make a difference. Here are a few ways that you can stay protected from the risk of being attacked by someone: The KRACK attack can be malicious if ignored, but protecting yourself using the strategies above will ensure you and your information remain safe.
Recommended VPNs to use against the KRACK attack
The information above can be used to track you, target you for ads, and monitor what you do online.
VPNs can help you hide this information from websites so that you are protected at all times. We recommend ExpressVPN — the #1 VPN out of over 350 providers we've tested. It has military-grade encryption and privacy features that will ensure your digital security, plus — it's currently offering 49% off.
Visit ExpressVPN