AfterDawn: Tech news

Every WiFi network in the World is now non-secure - WPA2 encryption broken

Written by Petteri Pyyny (Google+) @ 17 Oct 2017 3:58 User comments (13)

Every WiFi network in the World is now non-secure - WPA2 encryption broken Researchers from Belgian university KU Leuven have managed to find a way to break WPA2 encryption used as the "strongest" encryption available in WiFi networks. They published their findings yesterday and now the security organizations across the globe are trying to find ways to curb the problem.
Researchers managed to break the WPA2 encryption by using so-called KRACK (Key Reinstallation Attack) attack against the encrypted network. Breaking the network encryptyin isn't exactly a trivial one, as it requires installing a WiFi router with fake MAC address and to place that router within the WLAN network's reach.

Those most in danger now are the corporations that handle sensitive data within their networks and transfer messages within their own WiFi network without further encryption, relying on WPA2-encrypted network.

Thus, security organizations now recommend that eveyrbody who handles sensitive data and transmits that within a WiFi network should start using SSL/TLS (basically, all web connections that are used for, say, intranet, should use https), SSH and VPN connections.

Basically all WiFi networks should now be treated as non-secure and shouldn't be used to transmit sensitive data within or from them without further encryption.

The findins were released on this site by the researchers, detailing the specifics behind the flaws in WPA2.

WPA2 isn't used on mobile data networks.

EDIT: Some operating systems have already been updated to overcome some of the vulnerabilities found by the researchers. But despite originally publishing their findings in May, 2017, still all major operating systems have at least some problems with the vulnerability - including Windows 10, macOS, iOS, Linux and Android.

Previous Next  

13 user comments

117.10.2017 5:44

I thought it was already unsecure as there was a finding that all WiFi routers including the ones from D-Link, Netgear, Cisco except for the Apple router were vulnerable.

This message has been edited since its posting. Latest edit was made on 17 Oct 2017 @ 5:45

ASUS G73JW | Intel Core i7-740QM, 1.73GHz | 8GB DDR3 | Nvidia GeForce GTX 460M, 1.5GB | OCZ 120GB SSD + Seagate 500GB Hybrid 7200rpm | 17.3" FHD/3D | Blu-ray Write | Win7Pro64

217.10.2017 9:49

Originally posted by mukhis:
I thought it was already unsecure as there was a finding that all WiFi routers including the ones from D-Link, Netgear, Cisco except for the Apple router were vulnerable.
KRACK Wi-Fi attacks shouldnt harm updated Windows PCs

look this phrase up in google for link

317.10.2017 10:56

Thank you for this information.
So, what do we do to protect our networks?
Peace,
Fernando

417.10.2017 12:14

Would using MAC filtering help?

517.10.2017 12:30

Originally posted by mukhis:
I thought it was already unsecure as there was a finding that all WiFi routers including the ones from D-Link, Netgear, Cisco except for the Apple router were vulnerable.
You are absolutely correct this is just a different way to attack a network. MAC filters would be an issue as you would have to enter all MAC's into the router which takes away from open, it would be a real pain for a business.

617.10.2017 13:11

Originally posted by Mr-Movies:
Originally posted by mukhis:
I thought it was already unsecure as there was a finding that all WiFi routers including the ones from D-Link, Netgear, Cisco except for the Apple router were vulnerable.
You are absolutely correct this is just a different way to attack a network. MAC filters would be an issue as you would have to enter all MAC's into the router which takes away from open, it would be a real pain for a business.
With MAC filtering, I was mainly meaning for a home user. I didn't know how secure it is considered.


718.10.2017 0:34

Originally posted by Mr-Movies:
MAC filters would be an issue as you would have to enter all MAC's into the router which takes away from open, it would be a real pain for a business.

+1
I have used MAC for my home computers and mobile devices in the past, but then I gave up as I never needed that much security. MAC, although painful, but is helpful for corporate networks indeed as there are sensitive info that are dealt with.

ASUS G73JW | Intel Core i7-740QM, 1.73GHz | 8GB DDR3 | Nvidia GeForce GTX 460M, 1.5GB | OCZ 120GB SSD + Seagate 500GB Hybrid 7200rpm | 17.3" FHD/3D | Blu-ray Write | Win7Pro64

818.10.2017 9:03

Originally posted by Mr-Movies:
Originally posted by mukhis:
I thought it was already unsecure as there was a finding that all WiFi routers including the ones from D-Link, Netgear, Cisco except for the Apple router were vulnerable.
You are absolutely correct this is just a different way to attack a network. MAC filters would be an issue as you would have to enter all MAC's into the router which takes away from open, it would be a real pain for a business.
Not to mention, MAC filtering in itself is flawed. All one has to do to over come this security measure is enable MAC spoofing.

premodded playstation 2 w/magic 3.1 mod chip installed
premodded xbox w/duox2 modchip installed
1.5 modded PSP

919.10.2017 19:04

It will still take expertise, time and $$$ to successfully crack WPA2 networks......Most people are lucky if they install DD-WRT on their router without any issues let alone hack WPA2 with routers that use custom firmware so I don't think that the risk is widespread.....

1019.10.2017 19:50

Originally posted by ivymike:
It will still take expertise, time and $$$ to successfully crack WPA2 networks......Most people are lucky if they install DD-WRT on their router without any issues let alone hack WPA2 with routers that use custom firmware so I don't think that the risk is widespread.....
That's just not true. If you dig around the internet you can find tools that will aid most anyone to break into WiFi networks, I plead the 5th amendment now. LOL

1119.10.2017 20:21

Originally posted by Mr-Movies:
Originally posted by ivymike:
It will still take expertise, time and $$$ to successfully crack WPA2 networks......Most people are lucky if they install DD-WRT on their router without any issues let alone hack WPA2 with routers that use custom firmware so I don't think that the risk is widespread.....
That's just not true. If you dig around the internet you can find tools that will aid most anyone to break into WiFi networks, I plead the 5th amendment now. LOL
Time is still an issue though.

1219.10.2017 20:50

Originally posted by ivymike:
Originally posted by Mr-Movies:
Originally posted by ivymike:
It will still take expertise, time and $$$ to successfully crack WPA2 networks......Most people are lucky if they install DD-WRT on their router without any issues let alone hack WPA2 with routers that use custom firmware so I don't think that the risk is widespread.....
That's just not true. If you dig around the internet you can find tools that will aid most anyone to break into WiFi networks, I plead the 5th amendment now. LOL
Time is still an issue though.
True, you don't just hack in within 5 minutes but within a day if you do it right and your in, I've heard... :)

1320.10.2017 1:11

This is where the little "wall wart" security-cracker-in-a-teeny-box plugged in next to the victim's copier comes in ^^'. They're already for sale.

Comments have been disabled for this article.

News archive