Security experts warn that all Wi-Fi networks are vulnerable to hacking after a Belgian researcher managed to break through a protective security protocol implemented in most of the world’s routers.
Whilst unsurprising, given all the major hacks that have happened lately (Yahoo, Equifax, HBO), confirming it still makes us all feel a little uneasy.
The researcher, Mathy Vanhoef, was studying the WPA2 security protocol used in wireless networks when he came across the vulnerability, and the result means that all devices that have a Wi-Fi connection could be affected by the weakness.
Vanhoef’s findings mean that any router that uses WPA2 Wi-Fi will reportedly carry the flaw, rather than any specific device made by a particular manufacturer or model.
Vanhoef gave this warning:
“We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs)… The attack works against all modern protected Wi-Fi networks.”
All modern routers reportedly use the ‘4-way’ handshake to verify the credentials of the person wanting to access a protected Wi-Fi network against the server’s password. The 4-way handshake creates a fresh encryption key to encrypt data each time someone new joins the network. The key reinstallation attack is “achieved by manipulating and replaying cryptographic handshake messages,” meaning attackers can essentially deceive users into reinstalling a key that has already been used, allowing the hacker to attack the encryption protocol.
This vulnerability that reportedly affects most of the world’s routers could allow hackers to get in between the Wi-Fi traffic exchanged between devices using the same connection. As most laptops, tablets, printers and other mobile devices use the same wireless access point, hackers could infiltrate the connection and steal private information.
Working with Belgian University KU Leuven, Vanhoef warns that hackers can use this method of attack to steal sensitive information that was “previously assumed to be safely encrypted“, including financial information, login details, online messages, e-correspondence, digital photographs etc.
It’s not just information being taken that’s worrying; hackers who get in could inject harmful malware, and hold your data for ransom!
However, the one good news is that the hackers wanting to expose this vulnerability must be physically close by. Britain’s National Cyber Security Centre produced a statement emphasising the need for physical proximity. It also notes that the potential weakness “would not compromise connections to secure websites, such as banking services or online shopping,” – i.e. websites that usually have a padlock icon in the URL bar.
Publication of the report must have reached Apple, Google, Microsoft etc. We now rely on them to keep producing up-to-date software to patch up these vulnerabilities. However, security research fellow at UCL, Dr Steven J Murdoch, warns that “many manufacturers do not fix vulnerabilities in their products which they are not actively marketing.” This could mean that users of older or less popular devices could be left in the dark with no one to check up on security protection.