The KRACK WiFi Vulnerability Explained

KRACK---700

KRACK---700

BY JEREMY ROLLINSON/TOURtech CTO:

The KRACK vulnerability publicized on October 16th allows an attacker to intercept and decrypt wireless data sent between a device and WiFi router or access point it is communicating with.

When your device first connects to password protected WiFi a handshake takes place between the two devices which confirms you have the correct password and agrees the encryption keys. KRACK allows an attacker to obtain these keys and decrypt subsequent traffic. KRACK is much less of an issue today than it would have been 5 years ago, most websites that handle sensitive data now encrypt all traffic between your browser and their site using https.

The vulnerability exists in the WPA-PSK protocol that all WiFi devices use for encrypting traffic, that is why it received so much publicity. The vendors were given advanced warning of the vulnerability which allowed them to get a head start on releasing a patch. TOURtech networks in the field today are all running the latest vendor firmware that includes patches for KRACK.

What can you do to ensure your own security?

There are two main scenarios for WiFi use. Firstly, our own homes and businesses. Second, connecting to WiFi networks “in the wild”.

In your own home or business, you have control over your WiFi devices. Make sure to check the vendor website for any WiFi routers you use at home then download and apply the latest firmware. The process is similar for your office, but there will likely be more devices to update.

Once we are “in the wild” there is significantly higher threat. If you are connecting to any untrusted network, then you should be using a VPN service to add an additional layer of encryption to your internet traffic.

I personally use NordVPN. Other reputable services include PIA, trust.zone and mullvad. All of these providers offer applications you can use on your laptop and mobile devices and they are now very easy to use.

This advice applied well before KRACK became an additional threat, it’s discovery just elevated the threat level of untrusted networks.

If you’d like to read more about the KRACK vulnerability, these articles provide useful insight.

Electronic Frontier Foundation

The Next Web

Ars Technica

Be careful out there folks! If you have any questions at all please feel free to reach out to me directly on Twitter.