A weakness has recently been discovered in the Wi-Fi Protected Access II (WPA2) protocol, which can allow attackers to intercept sensitive data transmitted over a Wi-Fi network. An attacker positioned within range of the victim uses a technique called Key Reinstallation Attacks (KRACKs) to eavesdrop on communications transmitted over the air. For example, attackers can steal credit card details, emails, passwords and so on. In some cases, it is also possible for attackers to manipulate data transmitted over the wireless network.
The weakness is in the Wi-Fi standard. To prevent the attack, users are advised to apply security updates on their wireless devices as soon as they become available.
Almost all wireless devices (laptops, mobile phones, wireless gateways, game consoles and other smart devices) are vulnerable to this attack. Kindly make sure that you update the operating system/software of all your devices. Where applicable, ensure that the ‘automatically check for updates’ option is enabled in System Settings/Preferences so that your software is always up to date. Most operating system vendors have already released the necessary security patches for this vulnerability.
What is WPA2?
WPA2 is a wireless security protocol used to secure Wi-Fi networks. It was developed by the Wi-Fi Alliance to keep uninvited guests off a Wi-Fi network, as well as to encrypt data transmitted wirelessly.
How does KRACK work?
KRACK exploits a shortcoming in the ‘four-way handshake’ of the WPA2 protocol. The ‘four-way handshake’ is used to establish a Wi-Fi connection between a client and an access point, whereby encryption keys are exchanged.
Essentially, to guarantee security, an encryption key should be used only once. Unfortunately, the WPA2 protocol does not guarantee this, and KRACK targets exactly this weakness of the WPA2 protocol.
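To make the "used only once" point concrete, the following is an added illustration (not Mauritius Telecom's code and not a real WPA2 implementation). It models a client that keeps a packet counter (nonce) for its session key, encrypts packets with a keystream derived from the key and that counter, and then has the same key installed a second time, as a KRACK-style forced reinstallation does. The keystream generator (HMAC-SHA256 in counter mode), the session key and the two packets are constructed stand-ins for WPA2's AES-CCMP and real traffic; the `Station.install_key` behaviour labelled "patched" models the fix shipped in security updates, where reinstalling the key already in use no longer resets the counter.

```python
"""Toy model of the WPA2 nonce-reuse weakness behind KRACK (added illustration,
not Mauritius Telecom's code and not real WPA2/CCMP). The keystream generator
is a constructed stand-in for the AES-CCMP stream cipher; key, nonces and
packets below are constructed sample values."""
import hmac
import hashlib
from typing import Optional, Tuple


def keystream(key: bytes, nonce: int, length: int) -> bytes:
    """Deterministic keystream from (key, nonce): identical inputs give identical bytes."""
    out = b""
    block = 0
    while len(out) < length:
        msg = nonce.to_bytes(8, "big") + block.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR over the shorter of the two inputs."""
    return bytes(x ^ y for x, y in zip(a, b))


class Station:
    """A Wi-Fi client's view of its session key and per-packet nonce."""

    def __init__(self, patched: bool):
        self.patched = patched
        self.key: Optional[bytes] = None
        self.nonce = 0

    def install_key(self, key: bytes) -> None:
        # Unpatched behaviour: every install resets the packet nonce to zero,
        # even when the same key is already in use (the KRACK weakness).
        # Patched behaviour: reinstalling the key already in use is ignored,
        # so the nonce keeps counting upward and is never reused.
        if self.patched and key == self.key:
            return
        self.key = key
        self.nonce = 0

    def encrypt(self, plaintext: bytes) -> Tuple[int, bytes]:
        """Return (nonce used, ciphertext) and advance the nonce."""
        assert self.key is not None, "no key installed"
        ct = xor(plaintext, keystream(self.key, self.nonce, len(plaintext)))
        used = self.nonce
        self.nonce += 1
        return used, ct


def demo(patched: bool) -> dict:
    """Encrypt one packet, reinstall the same key (as a forced handshake
    retransmission would), encrypt a second packet, and report what a passive
    observer of the two ciphertexts can learn."""
    ptk = hashlib.sha256(b"constructed session key").digest()  # constructed
    sta = Station(patched)
    sta.install_key(ptk)
    p1 = b"GET /login?user=alice&pw=s3cret HTTP/1.1"       # constructed packet
    n1, c1 = sta.encrypt(p1)
    sta.install_key(ptk)  # second install of the same key = key reinstallation
    p2 = b"POST /transfer?amount=5000&to=bob HTTP/1.1"     # constructed packet
    n2, c2 = sta.encrypt(p2)
    # If the nonce repeats, both packets used the same keystream, so
    # c1 XOR c2 == p1 XOR p2: an observer who knows (or can guess) one
    # packet recovers the other without ever learning the key.
    recovered = xor(xor(c1, c2), p1)
    return {
        "nonce_reused": n1 == n2,
        "recovered_p2": recovered == p2[: len(recovered)],
    }


if __name__ == "__main__":
    print("unpatched client:", demo(patched=False))
    print("patched client:  ", demo(patched=True))
```

Running the script shows the unpatched client reusing nonce 0 for both packets, which lets the observer recover the second packet from the first; the patched client moves on to nonce 1, and the same XOR trick yields nothing. Changing the Wi-Fi password does not help here because the weakness is in how the per-session key is installed, not in the password itself, which is why the advice above is to install the security updates.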
What is at risk?
Both sides of a wireless network are at risk:
- End user devices (e.g. laptops, smartphones)
- Internet gateways – devices installed to access the internet (e.g. ONT, router)
Note: In order to execute a KRACK attack, the attacker must have a device physically between the end user device and the internet gateway.
What is the solution?
i. End user devices
Ensure that all your end devices have the latest security updates. Always check for the latest software update.
ii. Internet gateways
Mauritius Telecom’s internet gateways (e.g. ONTs) are not impacted by this vulnerability. KRACK works on devices operating in Client Mode with the 802.11r protocol, whereas our ONTs use Wi-Fi in AP mode and do not support 802.11r.
Does the attacker have to be near my network in order to attack it?
Yes. In order to execute a KRACK attack, the attacker must be between the end user device and the internet gateway.
Are both home and business users concerned by the attack?
Yes. End user wireless devices (such as laptops, PCs with Wi-Fi cards, mobile phones, smart TVs and other smart devices) are concerned. Kindly ensure that all wireless devices have the latest security updates.
Must I change my Wi-Fi password?
Changing your Wi-Fi password will not prevent a KRACK attack. Instead, ensure that you download the latest security updates on all your wireless devices.
Must my internet gateway (i.e. ONT) be updated?
Mauritius Telecom’s home gateways (i.e. ONTs) are not affected by the WPA2 KRACK attack since they do not require security updates and do not support 802.11r.
I am unable to install the latest security update on my mobile phone. What shall I do?
If you are doing an important transaction online and you are concerned that others may be eavesdropping, disable Wi-Fi on your phone and use mobile data instead.
Retry the software update later.
What additional security measures can I take?
Make sure the website address starts with https when you are doing important online transactions, such as online banking.
How to protect my business from this vulnerability?
Make a list of all the wireless devices in your company. Check for the latest software releases for each device and update accordingly.