Key Re-installation Attack is a security flaw in the Wi-Fi protected Access 2 (WPA2) protocol that gives an advantage to a hacker to break the encryption between router and a device. This mostly occurs during a four-way handshake process when users are trying to connect to a Wi-Fi network. The adversary interferes with the network traffic when the device is verifying whether the password is correct, which enables it to establish a secure connection with the router. KRACK exploiters need to be in close proximity to the device and within the wireless network in order to launch that attack.
A KRACK attack means that the adversary intercepts the initial handshake between the device and router and decrypts the traffic exchange over Wi-Fi. He/she is able to interfere with the access point and emit his/her own data packets back to the user’s system or the router. They can either modify or change content on non-secure websites and gain access to attached storage devices and personal information without requiring a password. This can be dangerous especially for large companies whose servers are attached as data breach has become increasingly risky and costly. KRACK attack targets all WIFI devices connected by users as they trigger a breakdown of WPA2 security protocol. Once they penetrate the system, attackers have the ability to tamper with messages, emails, personal data and credit card information. This is damaging for anyone, especially if you have made purchases or paid bills online.
KRACK remedies begin at using updated WPA2 protocol for the networks as it remains the most secure. Users can use Virtual Private Network (VPN) that encrypts internet traffic protecting against an attack and privacy breaches. KRACK attacks may also be reduced by adherence to strict use of HTTPS sites. Users should also secure updates on all devices and operating systems from manufacturers. Multiple software companies are also on the alert to curb KRACK attacks as they have released several backwards compatible patches including apple’s release of betas of iOS11. It’s important to note that changing of passwords is not an effective remedy against KRACK attacks because attackers circumvent device passwords no matter how secure they are.
Wi-Fi alliance requires its members to test devices being released to the market for KRACK using vulnerability detection tools. For clients that use more sensitive information like online banking and e-commerce, it is critical to use SSL certificates to dampen the impact of KRACK. Making sure that you obtain the appropriate updated patches for all Wi-Fi enabled devices renders them impervious to KRACK attacks.