Major security flaw in WPA2 protocol leaves all Wi-Fi networks insecure; 41 percent Android phones vulnerable to a 'devastating' variant of attack

Two security researchers have revealed a new and severe security flaw in Wi-Fi security protocol, WPA2. The researchers have termed this new exploit as ‘ KRACK’ which takes uses a number of flaws in the ‘key management’ of the WPA2 secured networks. The reason this is flaw is ‘devastating’, and ‘fatal’ is because WPA2 is a popular method to authenticate and protect Wi-Fi networks across the enterprise and personal settings. [caption id=“attachment_4148661” align=“alignleft” width=“380”] Image credit: Krackattacks[/caption] The researchers pointed out that about 41 percent of Android smartphones are vulnerable to ‘exceptionally devastating’ variant of a Wi-Fi attack as a result of the flaw as reported by The Verge. This comes right after US-CERT (United States Computer Emergency Readiness Team) issued a warning in the response to the exploit. The warning stated that since the issues lie on the ‘protocol-level’, this means that ‘most or all correct’ WPA2 implementations will be affected by this issue. The researchers added that all Wi-Fi devices are affected by the flaw and hackers can intercept data, steal data or even add ransomware code inside the page. They advised users to patch all Wi-Fi access points and clients when the fixes are available for the devices. However, one thing to note here is that the researchers asked users to continue using WPA2 as WPA1 is also affected by the flaw and WEP offers ‘worse’ security when compared to WPA2. According to a report by Ars Technica, the researchers have indexed the security flaws as, “CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088.” Ubiquiti and Aruba, the companies that sell wireless access points to the government and large corporations in the United States already have updates that patch or mitigate the danger.

Researchers posted a demonstration of the attack where Android and Linux-based systems ‘can be tricked into (re)installing an all-zero encryption key’. The interesting thing about this is that it affects devices running Android Marshmallow 6.0 or higher. The attackers can easily capture and decrypt the data as per the demonstration. The attack is not limited to capturing e-mail addresses or passwords but all the data can be decrypted. Hackers can even decrypt the data that is sent from the server to the access point or the user. Last but not the least, it is not known if hackers are already using the KRACK vulnerabilities to attack targets but Ars Technica states that if the flaw is easy to exploit for attackers then it is better to ‘avoid using Wi-Fi whenever possible’. Researchers have posted more details about the hack attack on the KRACK website.