Wi-Fi security no longer secure, say researchers

This exploit lets attackers eavesdrop on traffic between computers and wireless access points


Tech Desk October 16, 2017
Man poses in front of on a display showing the word 'cyber' in binary code, in this picture illustration taken in Zenica December 27, 2014. PHOTO: REUTERS

Hackers have found a new way to trespass your system. A new exploit called KRACK that takes advantage of vulnerabilities in Wi-Fi security lets attackers eavesdrop on traffic between computers and wireless access points.

CIA could potentially hack your router, according to WikiLeaks

The United States Computer Emergency Readiness Team issued the following warning in response to the exploit:

“US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on October 16, 2017.”

According to Ars Technica, the exploit takes advantage of several key management vulnerabilities in the WPA2 security protocol, the popular authentication scheme used to protect personal and enterprise Wi-Fi networks.

Symantec attributes 40 cyber attacks to CIA-linked hacking tools

The vulnerabilities are scheduled to be formally presented in a talk titled Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 scheduled for November 1 and it seems like the fight against hackers and cyber-criminals doesn't seem like it is going to be ending anytime soon.

This article originally appeared on Ars Technica.

COMMENTS

Replying to X

Comments are moderated and generally will be posted if they are on-topic and not abusive.

For more information, please see our Comments FAQ