Is WPA2 Encryption Still Safe?
What happens when WiFi becomes unsecure? What if all of a sudden, anyone could potentially be listening into any communication happening over a network? Sounds like a scenario from a Sci-Fi movie right? Unfortunately, it's actually happening right now... Well, kind of. Recently, KRACK (Key Re-installation Attack) has successfully broken the WPA2 (WiFi Protected Access) method of encryption, a security feature "used on all certified WiFi hardware since 2006" (learn more about WPA2 here). If this common security feature for WiFi has been broken, how are we going to keep our data from being stolen?
First of all, it is important to note that there are security redundancies. WPA2 is not the only encryption method used for network communications. For example, if you are on a website with https at the front of the URL, then any communication between your browser and the website is already being encrypted through https. So while you should still be cautious, it is unlikely that you will be communicating over a network that relies solely on WPA2. Secondly, don't freak out and think that anyone anywhere is all of a sudden going to swoop in and eavesdrop on your device's communications. An attack must be in proximity, as Alex Hudson points out in his post about the WPA2 encryption being broken.
So what exactly is going on with this attack, and who will it affect? Essentially, an attacker using the KRACK method against WPA2 is making a copy of a network within range. By doing this, whoever tries to join the secure network is instead rerouted to the copy created by the hacker. So who will be vulnerable to these attacks? As stated earlier, attacks need to be in proximity, so if you are within range of someone trying to "sniff" the network, you are a potential victim. Android users specifically should be careful, because as Tom Warren states, 41% of Android devices are at risk to this attack. That is not to say that iPhone users are completely safe. This is a protocol issue, not a brand issue, however it is much easier for Apple to push out a security patch than it is for Android (you can read more about the reason for that here). Luckily there is a way to find out if the network you joined is the hacker's copy. In some cases, the attack will force a connection to bypass https. If that is the case, if you visit a website that uses https and notice that the URL does not have it, you are most likely on the copied network.
While the breaking of the WPA2 encryption is unfortunate, it is not the end of the world. There are other ways of making sure network communications are encrypted, and firmware and operating system updates should be arriving soon. In the meantime, it is best to stay calm and be cautious of the data you share over a WiFi connection, but you're already doing that... right?
First of all, it is important to note that there are security redundancies. WPA2 is not the only encryption method used for network communications. For example, if you are on a website with https at the front of the URL, then any communication between your browser and the website is already being encrypted through https. So while you should still be cautious, it is unlikely that you will be communicating over a network that relies solely on WPA2. Secondly, don't freak out and think that anyone anywhere is all of a sudden going to swoop in and eavesdrop on your device's communications. An attack must be in proximity, as Alex Hudson points out in his post about the WPA2 encryption being broken.
So what exactly is going on with this attack, and who will it affect? Essentially, an attacker using the KRACK method against WPA2 is making a copy of a network within range. By doing this, whoever tries to join the secure network is instead rerouted to the copy created by the hacker. So who will be vulnerable to these attacks? As stated earlier, attacks need to be in proximity, so if you are within range of someone trying to "sniff" the network, you are a potential victim. Android users specifically should be careful, because as Tom Warren states, 41% of Android devices are at risk to this attack. That is not to say that iPhone users are completely safe. This is a protocol issue, not a brand issue, however it is much easier for Apple to push out a security patch than it is for Android (you can read more about the reason for that here). Luckily there is a way to find out if the network you joined is the hacker's copy. In some cases, the attack will force a connection to bypass https. If that is the case, if you visit a website that uses https and notice that the URL does not have it, you are most likely on the copied network.
While the breaking of the WPA2 encryption is unfortunate, it is not the end of the world. There are other ways of making sure network communications are encrypted, and firmware and operating system updates should be arriving soon. In the meantime, it is best to stay calm and be cautious of the data you share over a WiFi connection, but you're already doing that... right?
No comments: