We all love wireless networks. Not having to contend with cables which can be snapped or trip you over is the stuff of dreams come true. Here in Zimbabwe more so as we mostly use our mobile phones to access the internet. When it comes to internet access we have come to rely on Wi-Fi and it has served us well.
As we do our browsing over Wi-Fi the wireless network has to be protected, making sure we are safe from hackers and malware. The most popular security protocol used to protect Wi-Fi connections is Wi-Fi protected access 2 (WPA2) and it was one of the most secure wireless protection systems. Your wireless connection is probably protected by WPA2.
Researchers have found vulnerabilities in WPA2 and it turns out it can be breached relatively easily. Relatively easily for a hacker.
The hack
It works by exploiting the four-way handshake used to set up a key for encrypting traffic between a device and access point. In the third step of the handshake, the key can be resent multiple times. If done in a specific way, a cryptographic nonce may be reused – allowing an attacker to eavesdrop on the rest of the Wi-Fi traffic in that session.
The exploit is being called KRACK, Key Reinstallation Attacks. It is most effective against devices running Android, Linux and OpenBSD and to a lesser extent macOS and Windows.
What can the hacker do or obtain?
The hacker can intercept all kinds of data presumed to be encrypted, passwords, emails and more from a vulnerale access point or device. The hacker can also inject malicious content into a website the user is visiting e.g ransomware.
The hacker could also use your internet connection for themselves. They could deplete your bundle if it is capped whilst downloading HD movies or whatever they want. Or worse they could be up to illegal stuff and would use your access point for that.
This point is why we should be allowed to restrict access by MAC address. It is not fool proof but it is an extra layer. So I’m looking squarely at ZOL as I say this. We need to be able to restrict access by MAC address, make it happen.
Are you in danger?
The hacker has to be in proximity and so you are not vulnerable to everyone on the internet, especially the infamous Russian hackers. The hacker has to physically be close to your access point or device so that’s a weak layer of security you have there.
There are other security layers and if you are visiting secure websites (HTTPS-protected) youmay be safe. It’s not fool proof though since improperly configured sites can be forced to drop from encrypted HTTPS to unecrypted.
What can you do?
The best you can do is avoid Wi-Fi if that’s possible and use wired connections. If not possible, for those smartphones especially, read on.
You may want to stick to secure websites to safeguard the information sent over your network. Those websites with the padlock in the address bar. Work on patches is already under way and be sure to update your wireless router and devices when those patches become available.
Your second best bet safety measure is using a VPN. Care however should be taken when choosing one.
7 comments
Thank you for the constant tech updates, I am an avid follower however, I do not know whether this article is there to teach people how to hack or to safeguard us from such? Why is the methodology for hacking included in the article, I think you are giving people ideas here.
If you’re skilled enough to hack the wifi, you’re skilled enough to spoof your mac. #justsaying
From the verge: “THE GOOD NEWS: IT’S HARD FOR HACKERS TO EXPLOIT
The good news is Krack is a wide but shallow bug: nearly every device that uses Wi-Fi is vulnerable, but the attack itself is difficult to execute and not as damaging as you might expect. Taking advantage of this bug would take a lot of preparation and a very specific target, which is very good news in the short term.” https://www.theverge.com/2017/10/16/16484824/krack-wifi-encryption-bug-vulnerability-install-patch
Thanks for the Verge link pal…, it led me to an interesting blog
https://concisewriteups.wordpress.com/
Years ago, when working on POS payment systems, there was an alternative to MAC called DUKPT (derived unique key per transaction) which is a key management technique based on the ANSI standard/spec. I don’t know why this is not used, maybe of the overhead of generating a new key for every transaction? With billions of devices worldwide, the KM system might just fall-over??
Apparentltly the WPA2 exploit has got all the major vendors in a state of panic and all the lies about high fidelity equipment have come to a crash (Sony, LG, Apple, Google, 3Com the list is long). meaning every wifi interface is affected.
Says one article, “We’re likely to see related exploits popping up for years to come, potentially until the industry moves to the next Wi-Fi encryption standard.”
Its not wifi only which can be easliy be hacked nowadays , even ATM cards, Facebook , gmail accounts are being hacked here in Zimbabwe, so a good secured password plus the use of VPN is always a good idea
1. A MAC address is not an arbitrary thing you can depend on, in fact it is trivial to to change the MAC address of NIC. Worse still devices are come with MAC randomization as a security feature.
2.KRACK does not affect access points it affects clients i.e your phone, your computer and patches have been rolled out.
There is just no way to fix this, to fix it u need to update ur router{if the manufacturer has released a patch}
1. due to us being decades behind first world countries , you’d find that most routers used have no updates.
2. we are decades behind first world countries , let that stick.
anyone who wants to hack you , can