The discovery of a vulnerability affecting the WPA2 Wi-Fi security standard has people in a spin. But how serious is it really, and what basic steps can you take to keep your network safe from a Krack attack?
Everyone should be burning their Wi-Fi network routers, stocking up on bottled water, canned food and ammunition, and heading for the hills – if the technology pages of some newspapers are to be believed.
Earlier this week, alarm bells rang around the infosec world after Belgian security researcher Mathy Vanhoef went public with a novel exploit he had identified called a key reinstallation attack – Krack for short – that could enable a hacker to read encrypted user data transiting a Wi-Fi network.
The Krack exploit – extensive technical details of which can be found on Vanhoef’s website – is particularly dangerous because it affects not end-user routers or devices, but WPA2, the security standard that underpins every Wi-Fi network in the world.
“The Krack problem is unfortunately a prime example of a design flaw as opposed to an implementation bug – that’s why Krack is so pervasive,” said Gary McGraw, vice-president of security technology at Synopsys. “Generally speaking, flaws have a much greater impact than bugs and are harder to fix.”
The immediate concern arising from the discovery of Krack is that every Wi-Fi network in the world could be breached. But will they be? In practice, it may not be that likely, according to the Wi-Fi Alliance, the industry body representing the wireless sector.