KRACK, which stands for Key Reinstallation Attack, is a newly discovered bug that targets WPA2, the security protocol that kicks in when introducing new devices to a password-protected network.
The vulnerability puts almost any Wi-Fi device at risk of hijacking or eavesdropping, as Zack Whittaker from ZDNet reports. Discovered by Mathy Vanhoef, a computer security academic, the flaw was confirmed Monday by US Department of Homeland Security’s computer emergency readiness team, US-CERT.
Experts describe the function of the protocol as managing a four-way “handshake”–or process–that ensures the session is secure. It begins when a device tries to access a network. From there, the access point that provides the network verifies the password used and then generates a new randomly generated key that’s used only that one time.
It’s at this point that the security protocol becomes vulnerable, giving hackers the opportunity to record and potentially reuse the cryptographic key. With that, they can spy on network traffic and corrupt data packets.
According to Whittaker’s article, “The cyber-emergency unit has since reserved 10 common vulnerabilities and exposures (CVE) records for the various vulnerabilities.
Cisco, Intel, Juniper, Samsung, and Toshiba are among the companies affected.”
Security journalist Brian Krebs provides some assurance. “As scary as this attack sounds, there are several mitigating factors at work here. First off, this is not an attack that can be pulled off remotely: An attacker would have to be within range of the wireless signal between your device and a nearby wireless access point.”
Other positive news as reported by Wired: “Most current versions of iOS and Windows aren’t vulnerable, or are only vulnerable in one niche circumstance, because of the way Apple and Microsoft implemented the WPA2 standard to prevent resends of the third handshake message.”
Read the full story at ZDNet.