The majority of users are aware that connecting their favorite mobile device to an open wireless network is an open invitation for hackers to eavesdrop on their connection. When you connect to an unprotected SSID, any transmitted data is sent in open text form and can easily be intercepted by a nearby imposter.
While it is true that an SSL connection will encrypt the authentication process with a protected site such as an online banking or healthcare establishment, there are other data types to be concerned with than just usernames and passwords. This includes corporate or proprietary knowledge, intellectual property, images, media files, emails and instant messages. An open connection opens you up to being hacked.
In order to protect non-SSL traffic, security-conscious users should always utilize a wireless security protocol such as WPA2 when available. WPA2 has been used on all certified Wi-Fi hardware since 2006 and, when integrated with AES, is the strongest encryption option available today and the default choice for new routers. In turn, it should be utilized on all mobile devices as well.
WPA2 executes a handshake when a client wants to join a protected Wi-Fi network. The handshake is used to confirm that both the client and access point possess the correct credentials (pre-shared key). Once confirmed, the 4-way handshake negotiates a fresh encryption key that is then used to encrypt all subsequent traffic. With WPA2, your wireless sessions are encrypted, making your data fully protected from prying eyes and nefarious hackers.
Key Reinstallation Attack
Selecting a secure public Wi-Fi connection meant that our data sessions were fully protected, or at least we thought so. Last month Mathy Vanhoef, a security expert at a Belgian university, discovered a serious weakness within the WPA2 protocol. The newly exposed vulnerability is called KRACK, and with it a knowledgeable hacker within range of a mobile device on any Wi-Fi network using WPA2 can capture your data. As a result, all of your transmitted data is vulnerable in a way it never was before. The exploit involves a key reinstallation.
Using WPA2, a wireless client installs a negotiated encryption key after receiving message 3 of the 4-way handshake. Once installed, the key is used to encrypt normal data frames using an encryption protocol. An inherent aspect in the design of WPA2 allows for the retransmission of message 3 in order to accommodate frame loss and traffic disruptions. Although this seems highly logical, KRACK allows an attacker to take advantage of the key reinstallation process and manipulate a targeted device into reinstalling a key that is already in use. By doing so, hackers can then replay packets. In cases in which WPA2 is paired with TKIP encryption instead of AES, packets can also be forged.
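The reinstallation described above, as an added example that is not part of the original article: a toy Python model of a client in which installing a key resets its packet-number counters, comparing an unpatched client with one that ignores a repeated message 3 for a key already in use. The class, function and key names are hypothetical, and the frames are reduced to constructed packet numbers.

```python
# Toy model of a WPA2 client's key installation. All names are hypothetical
# and the "frames" are just packet numbers; no real Wi-Fi traffic is involved.

class Client:
    def __init__(self, patched):
        self.patched = patched
        self.key = None
        self.tx_pn = 0   # packet number (nonce) used for frames we send
        self.rx_pn = 0   # highest packet number accepted so far (replay counter)

    def on_message3(self, key):
        """Handle message 3 of the 4-way handshake, including retransmissions."""
        if self.patched and key == self.key:
            return       # key already in use: do not reinstall, keep counters
        self.key = key
        self.tx_pn = 0   # installing a key resets both counters
        self.rx_pn = 0

    def send(self):
        self.tx_pn += 1
        return self.tx_pn

    def receive(self, pn):
        if pn <= self.rx_pn:
            return False  # old packet number: treated as a replay and dropped
        self.rx_pn = pn
        return True


def simulate(patched):
    """Return (replay_accepted, nonces_sent) for one constructed session."""
    c = Client(patched)
    c.on_message3("session-key")             # normal handshake
    for pn in (1, 2, 3):                     # three frames arrive from the AP
        c.receive(pn)
    nonces = [c.send(), c.send()]            # client sends two frames
    c.on_message3("session-key")             # message 3 arrives a second time
    replay_accepted = c.receive(2)           # a frame that was already seen
    nonces.append(c.send())
    return replay_accepted, nonces


if __name__ == "__main__":
    for patched in (False, True):
        accepted, nonces = simulate(patched)
        print("patched" if patched else "unpatched",
              "| replayed frame accepted:", accepted,
              "| nonces sent:", nonces)
```

In the unpatched run the old frame is accepted again and a packet number is reused under the same key; in the patched run the counters survive the repeated message 3, so neither happens.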
Unlike most exploits, KRACK does not involve vulnerabilities within a particular operating system, service, firmware version or device driver. It involves implementation flaws within the very design of the WPA2 protocol itself. This means that any device, access point or router using the global Wi-Fi protocol is susceptible. KRACK is effective regardless of whether the pass phrase is 8 characters or 16 and changing the password will have no effect in curtailing the threat. Most of the major operating systems are vulnerable in one form or another.
The only solution is for vendors to make patches available to fix the discovered protocol imperfection. Fortunately, vendors are doing just that, including but not limited to Aruba, Cisco, Google, Intel, Netgear and Toshiba. Although new versions of the Windows OS were unaffected, Microsoft has released a patch to be on the safe side.
So What Is There to Worry About?
So if vendors have released the corrective patches to combat this exploit, are we all in the clear? The answer is “No.” While you may be diligent in keeping your mobile devices patched and up-to-date, the coffee shop owner whose café you frequent regularly to peruse the Internet may not be. Simply updating your own device does little to protect against KRACK if the router, AP or modem you are connecting to lacks the corrective patches. Many commercial establishments that use Wi-Fi as an added service for their customers know no more about Wi-Fi security than the users who frequent their establishments.
It is safe to assume that many business owners barely access the management console once the initial Wi-Fi connections are configured. What’s more, many small businesses use consumer grade network equipment that may not be supported by regular vendor release patches and updates.
Don’t Depend on Others for Wi-Fi Protection
It is probably safe to assume that at some point, you will be connecting to a Wi-Fi network that remains vulnerable to KRACK. With that being the case, why depend on others to protect your data? Rather than “hope” that your favorite storefront or restaurant is being diligent in the patching of their infrastructure, why not have the security of knowing that your Wi-Fi connections are always encrypted and secure, no matter where you are or what the state of the equipment is in a chosen network?
Security-minded mobile users should take charge of their own mobile protection by using a VPN subscription service. When you utilize a VPN subscription, your connected sessions are fully protected endpoint to endpoint. Your data is encapsulated from your device itself to the private network that hosts the VPN service. This means that your data is safe regardless of what type of Wi-Fi protocol you are using. The VPN also uses a different protocol, called L2TP-IPSec, that is not susceptible to KRACK. Any reputable VPN service utilizes enterprise-grade equipment that is supported by a professional support team.
The KRACK exploit shows us just how potentially vulnerable we really are. Just as WEP was considered “safe” at one point, de facto security protocols can eventually become exposed. Using a VPN subscription service gives you the peace of mind that your mobile sessions are secure in all Wi-Fi scenarios.