Wifi WPA2 security cracked: all platforms vulnerable, but Android 6.0+ especially so


The vulnerability is in the Wi-Fi Protected Access II protocol, or WPA2, a way of protecting Wi-Fi networks using a method known as pre-shared key (PSK) authentication.

The US government's cyber security department, the United States Computer Emergency Readiness Team (US-CERT), issued a warning about the KRACK exploit to around 100 organisations earlier today.

The Wi-Fi Protected Access II (WPA2) protocol that protects nearly all WiFi networks has been cracked, potentially compromising every home or business router, iPhones, Android smartphones, Windows and Linux operating systems - anything that relies on, or uses, WiFi.

A successful KRACK attack would allow an adversary to not only decrypt network traffic from a victim device on a WPA/2 network, but also to hijack connections and inject malware or ransomware into unencrypted HTTP connections - such as websites visited by the victim device. "Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted", Mathy Vanhoef, a security expert at Belgian university KU Leuven, wrote in a detailed report (PDF) outlining the vulnerability.

No matter how strong the passwords of Wi-Fi devices at your home or workplace are, if your devices are not updated with new patches, hackers will be able to exploit protocol-level security flaws to eavesdrop on your Wi-Fi traffic at all times. It's also very important to know that the hack can affect all protected Wi-Fi networks.

Dr Vanhoef said that 41% of Android devices were vulnerable to this, with the empty encryption key effectively leaving communications unencrypted. So if your bank uses it to secure your financial data, for example, an attacker wouldn't be able to grab it.

The exploit can apparently be leveraged in the third stage of the four-way handshake, during which the encryption key can be resent multiple times, undermining the encryption through reuse of a cryptographic nonce (short for "number used once"). It allows an attacker to remotely extract decrypted data from a protected Wi-Fi network without knowing the password. An attacker could now read all information passing over any Wi-Fi network secured by WPA2, which covers most routers, both public and private.
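The effect of a resent third handshake message can be seen in a small offline simulation. This is an added example, not code from the researchers or any Wi-Fi stack: the `Client` class, the hash-based keystream standing in for the real cipher, and both sample frames are constructed for illustration.

```python
import hashlib

P1 = b"GET /index.html HTTP/1.1"   # constructed frame an observer can guess
P2 = b"password=constructed-pw!"   # constructed frame with unknown content

def keystream(key: bytes, nonce: int, n: int) -> bytes:
    # Toy stand-in for a real cipher's keystream: fixed by (key, nonce).
    out, block = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce.to_bytes(8, "big") + bytes([block])).digest()
        block += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Client:
    def __init__(self, patched: bool):
        self.patched, self.key, self.nonce = patched, None, 0

    def on_message3(self, key: bytes) -> None:
        # Patched behaviour: a repeat of message 3 carrying the key that is
        # already installed must not reset the nonce counter.
        if self.patched and key == self.key:
            return
        self.key, self.nonce = key, 0

    def send(self, plaintext: bytes):
        self.nonce += 1
        return self.nonce, xor(plaintext, keystream(self.key, self.nonce, len(plaintext)))

def simulate(patched: bool):
    key = hashlib.sha256(b"constructed session key").digest()
    client = Client(patched)
    client.on_message3(key)          # first delivery of handshake message 3
    n1, c1 = client.send(P1)
    client.on_message3(key)          # message 3 is resent
    n2, c2 = client.send(P2)
    # With a repeated nonce both frames share a keystream, so c1^c2 == P1^P2
    # and knowing P1 is enough to read P2 without the key.
    return n1 == n2, xor(xor(c1, c2), P1)

if __name__ == "__main__":
    for patched in (False, True):
        reused, guess = simulate(patched)
        print(f"patched={patched} nonce_reused={reused} recovered={guess == P2}")
```

The unpatched client repeats nonce 1 and the second frame is readable from the first; the patched client keeps counting and the same calculation yields noise.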

"The weaknesses are in the Wi-Fi standard, and not in individual products or implementations". Initial research shows that Android, Linux, Apple, Windows, OpenBSD, MediaTek and Linksys are among those that are affected by some variant of the attack. According to a statement by the Wi-Fi Alliance, "This issue can be resolved through straightforward software updates, and the Wi-Fi industry, including major platform providers, has already started deploying patches to Wi-Fi users".

"It is likely that some products, particularly Android smartphones, and Wi-Fi routers, will never be fixed". Aruba has posted a memo and updated firmware to address this issue. The researchers presented related research in August at the Black Hat Security Conference in Las Vegas.

But before you go yanking out your router, Vanhoef said that the WPA2 protocol can be patched and updated to plug the security flaw the researchers discovered.

Wired Equivalent Privacy (WEP) was the norm back in 1997 when the 802.11 Wi-Fi standard was introduced.