What is KRACK?
KRACK is an acronym for Key Reinstallation Attack. KRACK is a severe replay attack on Wi-Fi Protected Access protocol (WPA2), which secures your Wi-Fi connection. Hackers use KRACK to exploit a vulnerability in WPA2. When in close range of a potential victim, attackers can access and read encrypted data using KRACK.
How KRACK Works
Your Wi-Fi client uses a four-way handshake when attempting to connect to a protected network. The handshake confirms that both the client — your smartphone, laptop, et cetera — and the access point share the proper credentials, usually a password for the network. This establishes the Pairwise Master Key (PMK), which allows for data encryption.
Overall, this handshake procedure allows for quick logins and connections and sets up a new encryption key with each connection. This is what keeps data secure on Wi-Fi connections, and all protected Wi-Fi connections use the four-way handshake for security. This protocol is the reason users are encouraged to use private or credential-protected Wi-Fi rather than public connections.
KRACK affects the third step of the handshake, allowing the attacker to manipulate and replay the WPA2 encryption key to trick it into installing a key already in use. When the key is reinstalled, other parameters associated with it — the incremental transmit packet number called the nonce and the replay counter — are set to their original values.
Rather than move to the fourth step in the four-way handshake, nonce resets continue to replay transmissions of the third step. This sets up the encryption protocol for attack, and depending on how the attackers replay the third-step transmissions, they can take down Wi-Fi security.
Why KRACK Is a Threat
Think of all the devices you use that rely on Wi-Fi. It's not just about laptops and smartphones; numerous smart devices now make up the Internet of Things (IoT). Because of the vulnerability in WPA2, everything connected to Wi-Fi is at risk of being hacked or hijacked.
Attackers using KRACK can gain access to usernames and passwords as well as data stored on devices. Hackers can read emails and view photos of transmitted data and then use that information to blackmail users or sell it on the Dark Web.
Theft of stored data requires more steps, such as an HTTP content injection to load malware into the system. Hackers could conceivably take control of any device used on that Wi-Fi connection. Because the attacks require hackers to be close to the target, these internet security threats could also lead to physical security threats.
On the other hand, the need to be in close proximity is the only good news related to KRACK, as that means a widespread attack would be extremely difficult.
Victims are specifically targeted. However, there are concerns that a more experienced attacker could develop the skills to use HTTP content injection to load malware onto websites to create a more widespread affect.
Who Is at Risk
Everyone is at risk from KRACK vulnerability. Patches are available for Windows and iOS devices, but a released patch for Android devices is currently in question (November 2017). There have been issues with the release, and many question if all versions and devices are covered.
The real problem is with routers and IoT devices. These devices aren't updated as regularly as computer operating systems, and for many devices, security flaws need to be addressed on the manufacturing side. New devices should address KRACK, but the devices you already have in your home probably aren't protected.
The best protection against KRACK is to ensure any device connected to Wi-Fi is patched and updated with the latest firmware. That includes checking with your router's manufacturer periodically to see if patches are available.
The safest connection option is a private VPN, especially when in public spaces. If you want a VPN for personal use, avoid free options, as they have their own security problems and there will also be issues with HTTPs. Use a paid service offered by a trusted vendor like Kaspersky. Also, more modern networks use WPA3 for better security.
Avoid using public Wi-Fi, even if it has password protection. That password is available to almost anyone, which reduces the security level considerably.
All the widespread implications of KRACK and the WPA2 vulnerability aren't yet clear. What is certain is that everyone who uses Wi-Fi is at risk and needs to take precautions to protect their data and devices.