We need to look at the security of the Wi-Fi network again

The most popular WiFi encryption standard - WPA2 can not be considered safe. The problem is that the user may not know if he is currently connecting to secure, or updated, routers or Access Points. The new KRACK (Key Reinstallation AttaCK) attack method is able to break WPA2 encryption, enabling criminals to read information sent between the device and its wireless access point using a variant of the popular - and usually often detectable - "man-in-the-middle" attack. KRACK breaks WPA2 protocol by forcing reuse of nonce in encryption algorithms used by WiFi. In cryptography, nonce is any number that can be used only once. It is often a random or pseudo-random number generated in the public key of the authentication protocol. As it turns out, the random numbers used in WPA2 are not completely accidental, which allows you to break the protocol. If the offender's operation is successful, he will gain access to the victim's data and to unsecured devices that have access to the same WiFi network.

How bad is this message?

The most important thing that WiFi users can do is ... keep quiet. Experts from Fortinet indicate that when using the appropriate steps, the data should be safe until the gaps are patched and the device software is updated.

First of all, the cybercriminal must be adequately close to the devices being attacked in order to intercept traffic between the terminal devices and access points:

Be especially careful when using public WiFi. Of course, this is not a new recommendation. Specialists have been talking about it for years - says Robert Dąbrowski, head of the Fortinet engineering team.

In addition, the attack has little effect on the security of information sent over the connection using additional encryption like SSL. Every time a user connects to an HTTPS site, the browser creates a separate layer of encryption that ensures security when using online banking or shopping. Therefore, pay attention to the padlock icon in the browser's address bar, especially when performing online transactions via a WiFi connection. The data will also be protected if you use the VPN, even if the WPA2 connection has been violated.


Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.