KRACK is the name of a current WLAN security vulnerability that results from a flaw in the WPA2 protocol. The abbreviation WPA2 stands for Wi-Fi Protected Access 2, a security standard for Wi-Fi networks based on IEEE 802.11a, b, g, n and ac. An update of this security protocol now seems to be necessary: as many sources report, a KRACK attack can hit every single WLAN device. In this article, I would like to explain the topic in a bit more detail.
All routers affected by KRACK security holes
The risk is independent of the WLAN router used and of the device connected to the corresponding wireless network. The security gap lies in WPA2, the security standard used almost everywhere in the world. The encryption it provides can be attacked and then serve as a way into the individual devices. The dangers here are espionage, the placing of malicious software by attackers and the like.
What can an attacker do to me?
As mentioned above, attackers could place malicious software (viruses, trojans, ransomware, etc.) on the device used. Passwords, emails, chats, photos, other files and credit card numbers can also be stolen. However, and this is the positive side, end-to-end encrypted data paths are secure. This means that, for example, the Google password or the bank data for online banking cannot be read out per se. Anyone who uses a network printer over WLAN might see unwanted printouts appear, depending on how creative the hackers are.
According to Spiegel Online, Linus Neumann, spokesman for the Chaos Computer Club (CCC), said the following on KRACK and online banking:
“I am not aware of an online banking provider where this attack method would be successful.” He added, however: “If, for example, a certificate warning appears, one should in no case simply click it away, certainly not with online banking.”
What is the solution to the problem?
The solution consists of updates from device manufacturers. Responsibility lies not only with the manufacturers of routers but also, and above all, with the manufacturers of end devices such as computers, laptops, smartphones, tablets, printers and other WLAN devices. A hardware update is not necessary, only a software update, which can be offered and distributed quite quickly. So always keep your smartphone, tablet and notebook up to date, no matter which devices you use, and activate the system’s automatic updates for the future.
What should I do, how do I remain safe?
At this point, I could point to sources that describe precisely how the vulnerability works, how to hack and how to use KRACK for attacks. However, I do not want to give opportunistic hackers a helping hand. Therefore, here are some tips that you can follow without having to understand the WPA2 vulnerability KRACK down to the smallest detail:
- A safe This also affects hotspots from network operators such as Telekom or tech giants like Google. The best approach is to turn off the Wi-Fi function on the go. (Instructions: disable WLAN under iOS 11)
- Whether it is an active exchange of data (personal data, account data, files such as photos and videos) or merely visiting a website: make sure that it is a secure server. As with this blog, you will find the indication of a secure connection at the top, in the browser's address bar: HTTPS
- If you use a secure (and therefore probably paid) VPN service, then leave it permanently activated. Signing up head over heels with a free VPN provider now does not help much if it cannot offer optimal data security.
- If possible, do without the WLAN connection and use an Ethernet or LAN connection to the respective network/router. Because the KRACK security vulnerability affects only 802.11 Wi-Fi connections, you are secure with wired internet.
- Check for updates, or ask the manufacturer of your devices about an update regarding the KRACK security gap in WPA2.
Is KRACK dangerous for macOS, iOS, watchOS, and tvOS?
Since Monday, 16 October 2017, Apple has released beta versions for iOS on iPhone, iPad and iPod, for macOS on Mac, iMac and MacBook, as well as for watchOS on the Apple Watch and for tvOS, which contain a fix/patch for the problem. Apple confirmed its knowledge of the KRACK security gap and the corresponding fix to the online magazine iMore:
“Apple is deeply committed to protecting our customers’ data. The fix for the KRACK WLAN vulnerability is currently available in the beta of iOS, macOS, watchOS and tvOS and will soon be delivered to customers.”
If you do not have the developer betas or the public beta versions and only want to install official updates, then you should follow the tips mentioned above. Soon, however, the betas will turn into regular updates, which will then protect you completely again. Apple is on it.
Spatial proximity: The most important prerequisite
If you use your WLAN in your house in the country, you do not need to worry. As follows from how WLAN technology works, and as can be read in many media reports, an attacker who wants to hack your WLAN devices via the KRACK vulnerability needs a certain spatial proximity. In a public café, in an apartment building, in the neighborhood, in an office complex or at a station hotspot, you are therefore more at risk.