The security protocol used to protect the vast majority of wifi connections has been broken, potentially exposing wireless internet traffic to malicious eavesdroppers and attacks, according to the researcher who discovered the weakness.
Mathy Vanhoef, a security expert at Belgian university KU Leuven, discovered the weakness in the wireless security protocol WPA2, and published details of the flaw on Monday morning.
“Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted,” Vanhoef said. “This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos and so on.”
Vanhoef emphasised that “the attack works against all modern protected wifi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.”
The vulnerability affects a number of operating systems and devices, Vanhoef says, including Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys and others.
“If your device supports wifi, it is most likely affected,” Vanhoef writes. “In general, any data or information that the victim transmits can be decrypted … Additionally, depending on the device used and the network setup, it is also possible to decrypt data sent towards the victim (e.g. the content of a website).”
The researchers have given the weakness the codename Krack, short for Key Reinstallation AttaCK.
The United States Computer Emergency Readiness Team (Cert) issued a warning on Sunday in response to the vulnerability.
“The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection and others,” the alert says, detailing a number of potential attacks. It adds that, since the vulnerability is in the protocol itself, rather than any specific device or software, “most or all correct implementations of the standard will be affected”.
The development is significant because the compromised security protocol is the most secure in general use to encrypt wifi connections. Older security standards have been broken in the past, but on those occasions a successor was available and in widespread use.
Alex Hudson, the chief technical officer of subscription service Iron, says that it is important to “keep calm”.
“There is a limited amount of physical security already on offer by wifi: an attack needs to be in proximity,” Hudson writes. “So, you’re not suddenly vulnerable to everyone on the internet. It’s very weak protection, but this is important when reviewing your threat level.
“Additionally, it’s likely that you don’t have too many protocols relying on WPA2 security. Every time you access an https site … your browser is negotiating a separate layer of encryption. Accessing secure websites over wifi is still totally safe. Hopefully – but there is no guarantee – you don’t have much information going over your network that requires the encryption WPA2 provides.”
Crucially, the attack is unlikely to affect the security of information sent over the network that is protected in addition to the standard WPA2 encryption. This means that connections to secure websites are still safe, as are other encrypted connections such as virtual private networks (VPN) and SSH communications.
However, insecure connections to websites – those which do not display a padlock icon in the address bar, indicating their support for HTTPS – should be considered public, and viewable to any other user on the network, until the vulnerability is fixed.
Equally, home internet connections will remain difficult to fully secure for quite some time. Many wireless routers are infrequently if ever updated, meaning that they will continue to communicate in an insecure manner. However, Vanhoef says, if the fix is installed on a phone or computer, that device will still be able to communicate with an insecure router. That means even users with an unpatched router should still fix as many devices as they can, to ensure security on other networks.
Different devices and operating systems are impacted to differing degrees based on how they implement the WPA2 protocol. Amongst the worst hit are Android 6.0 (Marshmallow) and Linux, due to a further bug that results in the encryption key being rewritten to all-zeros; iOS and Windows, meanwhile, are among the most secure, since they don’t fully implement the WPA2 protocol, dodging one weakness. No tested device or software was fully immune to the weakness, however.
The international Cert group, based at Carnegie Mellon University, informed technology companies of the flaw on 28 August, meaning that most have had around a month and a half to implement a fix. The Guardian has asked Apple, Google, Microsoft and Linksys the status of their patches. Google said: “We’re aware of the issue, and we will be patching any affected devices in the coming weeks.” No other vendor has replied at press time.