How to Protect Yourself from KRACK WiFi Vulnerability


Recently, a major flaw in WiFi’s WPA2 protocol was revealed to the world. This flaw allows a hacker to peek at a user’s network traffic and learn sensitive passwords and other private information. It was given the name “KRACK” (which stands for “Key Reinstallation Attack”) and works by exploiting a point of weakness that occurs when someone logs into a WiFi network with WPA2 security.

How Does It Work?


When your computer wants to talk to your router, it will need an encryption key to do so. These keys should only be used once in order for them to be effective, but an exploit has been discovered that forces a connection to use an old key again. This flaw occurs during the “4-way handshake” when your computer logs onto a WiFi network. This handshake is, essentially, a series of security formalities your computer and router undertake when connecting.


Step three of the 4-way handshake involves the router handing a fresh encryption key to the computer. If the router doesn’t receive a message from the computer saying it received the key, it will resend it to make sure the computer received it. If a computer detects that step three has been resent, it will reinstall the encryption key. However, this reinstallation resets its cryptographic nonce to its default value, which compromises the encryption.

Hackers exploit this by watching the traffic as someone connects. When they detect a connection, they copy the router’s transmission during step three of the handshake and send it to the victim’s computer. The computer, now seeing two identical transmissions, thinks the router is re-sending step three. This causes a reinstallation of the key, which then resets the nonce.

Now that the computer is using an old nonce that has been used before, the hacker can get past the encryption and read the data packets. This completes the KRACK attack. A more in-depth description of the attack can be found on the KRACK Attacks website.
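The effect of the key reinstallation described above, as an added example that is not part of the original article: a simplified Python model of a client handling step three, once unpatched and once patched. The HMAC-based keystream is a stand-in for the real WPA2 cipher, the model passes the session key directly as the article describes, and the class, function names and sample key are assumptions made for illustration.

```python
import hashlib
import hmac

def keystream(key: bytes, pn: int, length: int) -> bytes:
    # Toy stand-in for the WPA2 cipher: output depends only on (key, packet number).
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(key, pn.to_bytes(6, "big") + bytes([block]), hashlib.sha256).digest()
        block += 1
    return out[:length]

class Client:
    def __init__(self, patched: bool):
        self.patched = patched
        self.key = None
        self.pn = 0      # packet number, used as the nonce
        self.sent = []   # (pn, ciphertext) for every frame transmitted

    def on_message3(self, key: bytes) -> None:
        # Patched behaviour: a repeated step three carrying the key that is
        # already installed must not reset the packet number.
        if self.patched and key == self.key:
            return
        self.key, self.pn = key, 0

    def send(self, plaintext: bytes) -> None:
        self.pn += 1
        ks = keystream(self.key, self.pn, len(plaintext))
        self.sent.append((self.pn, bytes(a ^ b for a, b in zip(plaintext, ks))))

def reused_nonces(frames):
    # Packet numbers that appear more than once under the same key.
    seen, dup = set(), set()
    for pn, _ in frames:
        (dup if pn in seen else seen).add(pn)
    return sorted(dup)

def run(patched: bool):
    key = b"constructed-session-key"   # constructed sample value
    c = Client(patched)
    c.on_message3(key)                 # first delivery of step three
    c.send(b"frame one payload")
    c.on_message3(key)                 # step three seen a second time
    c.send(b"frame two payload")
    return c.sent

if __name__ == "__main__":
    for patched in (False, True):
        print("patched" if patched else "unpatched", reused_nonces(run(patched)))
```

In the unpatched run both frames are encrypted under the same key and packet number, so the keystream cancels when the two ciphertexts are combined; the patched run keeps every nonce unique.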


How to Protect Yourself

The main problem with the KRACK WiFi vulnerability is that it’s not targeting a specific device or OS. It exploits the WPA2 encryption standard, which is used by every device with WPA2 WiFi capabilities. Because WPA2 has been a popular WiFi standard for a long time, this affects most computers, devices, and routers that connect to the internet via WiFi.

In order to stay safe from KRACK, you can do the following to help protect yourself.

Update Your Devices and Routers

With this being such a huge exploit, the companies that use WPA2 in their products are pushing to get a fix out. This includes both operating systems and routers. For your operating system, check for any updates to see if a patch has been rolled out. Windows has already published a patch that fixes this issue, so make sure you’re up to date on your Windows Updates. For your router, check to see if a firmware update has been pushed that patches this vulnerability. If not, get in contact with its manufacturer for any updates.

Don’t Use Public WiFi

Public WiFi has always been a honeypot for hacking attempts, and this new exploit does not help matters. If the owner of the public WiFi hasn’t updated its router’s firmware, it may still be susceptible to the KRACK WiFi vulnerability. As such, it may be a hotspot for a hacker trying to glean personal information from the packets. For the time being, try not to use public WiFi connections. If you have to use one, try not to enter any personal information while using it.

Use Sites with HTTPS

When you’re logging into sites, make sure the security certificate beside the website says “HTTPS.” A KRACK attack can strip the connection of HTTPS encryption to read the data within the packets. If you see an HTTPS certificate on a website, your connection should still be secure. If it’s gone, it’s a sign that something has gone very wrong. Do not enter your information into sites without an HTTPS certificate, especially if it had one previously.

Get Off WiFi Altogether


If you can’t update your devices or your router, you can go the WiFi-less route instead. Set mobile phones to use cellular data for the time being and connect computers and laptops to your router via Ethernet. The KRACK WiFi vulnerability won’t affect you if you don’t use WiFi at all, so this will keep you safe from any potential attacks.

Cracking Down on KRACK

While KRACK is a serious issue that affects a lot of devices worldwide, efforts are always underway to fix it. Now you know how KRACK works and how to protect yourself from the attack.

Does the KRACK WiFi vulnerability worry you? Let us know below.


Simon Batt
