Wireless Devices Subjected to Risk of Hacks with Wi-Fi Security Flaws

By CIOReview | Wednesday, October 25, 2017

WiFi technology has become an indispensable part in our everyday lives. It has grown from a promising technology for tech-savvy early adopters to a must have for connected devices of all kind, as most of us are keen to tap into the wireless Internet from our offices and homes. At this point, researchers have revealed that there is a major flaw dubbed Key Reinstallation Attack (Krack) and Wifi connections used everywhere around the world are at risk.

Though modern higher-reliability Wi-Fi networks have their traffic encrypted by a protocol WPA or WPA-2, which protects data as it travels from a computer or smartphone to a router, if exploited, gives the attacker a skeleton key to access any WPA2 network without a password. When a system uses Wifi to connect to a router for instance, it goes through a four-step dialogue, whereby the two devices agree a key to use to secure the data being passed—called handshake. This attack starts by tricking a victim into reinstalling the live key by replaying a modified version of the original handshake. Meanwhile, a number of important set-up values can be reset, which renders certain elements of the encryption in a much weaker phase. Once they are in, they can hijack connections, and inject content into the network traffic stream. The bug represents a complete breakdown of the WPA2 protocol, for both personal and enterprise devices—positioning all the Wifi supported devices at risk.

Windows and the advanced versions of Apple’s iOS are greatly protected from the flaws, according to a researcher. To cite an example, few months back the ransomware attacks locked up computers worldwide, demanding payment from people and companies in return for renewed access to vital information and systems. However, with all these flaws the trend in Wi-Fi dependence is not slowing down, it is rather significantly increasing with greater consumer expectation.