Join us at Minneapolis API Security Summit 2025!
Join us at Minneapolis API Security Summit 2025!
Join us at Minneapolis API Security Summit 2025!
Join us at Minneapolis API Security Summit 2025!
Join us at Minneapolis API Security Summit 2025!
Join us at Minneapolis API Security Summit 2025!
Close
Privacy settings
We use cookies and similar technologies that are necessary to run the website. Additional cookies are only used with your consent. You can consent to our use of cookies by clicking on Agree. For more information on which data is collected and how it is shared with our partners please read our privacy and cookie policy: Cookie policy, Privacy policy
We use cookies to access, analyse and store information such as the characteristics of your device as well as certain personal data (IP addresses, navigation usage, geolocation data or unique identifiers). The processing of your data serves various purposes: Analytics cookies allow us to analyse our performance to offer you a better online experience and evaluate the efficiency of our campaigns. Personalisation cookies give you access to a customised experience of our website with usage-based offers and support. Finally, Advertising cookies are placed by third-party companies processing your data to create audiences lists to deliver targeted ads on social media and the internet. You may freely give, refuse or withdraw your consent at any time using the link provided at the bottom of each page.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Wallarm
/
Wallarm Learning Center
/
What is KRACK or Key Reinstallation Attack? Measures of protection
Attacks

What is KRACK or Key Reinstallation Attack? Measures of protection

Wi-Fi is a major convenience for homes and businesses today. It allows users to log on to a particular network, stream media or connect to the Internet with ease. It also plays an important role in keeping homes secure. A device that connects to public Wi-Fi can allow a hacker to access your home network or business systems as long as they are connected to the same network. If hackers get into your network, they can steal valuable data from your devices and systems, like important documents or photos. Even if you use password-protected networks, most people choose open Wi-fi hotspots because they are convenient and affordable. However, there’s nothing more dangerous than unsecured open Wi-Fi networks. They can be attacked by hackers called “krackers” - named after the attack in which KRACK (Key Reinstallation Attack and Renew). We will talk more about this problem in this article.

What is KRACK or Key Reinstallation Attack? Measures of protection

WPA2 definition

WPA2 is a four-way handshake protocol that secures wireless connections in 802.11i/802.11n networks by providing an authenticated key exchange between the access point (AP) and the supplicant stations during initial connection. WPA2 has been widely deployed since 2004, in billions of devices including routers, mobile phones, laptops, and more.

KRACK attack definition

KRACK or Key Reinstallation Attack and Renew is an attack that hackers have been using with WPA2 (WiFi Protected Access II) wireless encryption standards to intercept communications between clients and access their networks without being detected as well as inject malicious code into wireless connections.

Since it has been discovered over two months ago, many companies have been working really hard on finding solutions and fixes for it: Google has released patches for Android, Linux kernel has patched many vulnerabilities found in it, Microsoft has released security updates for Windows 10 computers that include mitigations against Krack attacks, Apple released security updates for MacOS High Sierra v10.13.5 that fix issues related to the attack but unfortunately no fix

How Do KRACK Attacks Work?

KRACK exploits a vulnerability in WPA2 wireless encryption standards so that attackers can intercept communications between clients and access their networks without being detected. It works by exploiting four vulnerabilities, which are:

  • The key reinstallation attack (KRACK) - allows attackers to decrypt intercepted data at will
  • the fractured handshake protocol (a man-in-the-middle attack) - allows attackers to decrypt data or forward it to another destination
  • the group key handshake attack (a man-in-the-middle attack) - allows attackers to decrypt data or forward it to another destination
  • the key caching vulnerability (a man-in-the-middle attack) - allowing an attacker to sniff traffic or impersonate users on open WiFis
The scheme of a KRACK attack
The scheme of a KRACK attack

How to protect against KRACK attacks?

The best solution to protect against KRACK attacks is to update the device software and change the Wi-Fi network password.

If you are worried about the potential impact of KRACK attacks on your privacy, you can use a virtual private network (VPN). A VPN service encrypts all your network traffic, so attackers can't intercept it or track it. In fact, there's even a company that has already created a free VPN service called NordVPN. But as with any system, it's only as safe as its weakest link. If you're using an unsecured Wi-Fi hotspot, you could be at risk for Krack attacks if someone else has access to the network. So before connecting to open Wi-Fi networks anywhere, make sure they're secured by using WPA2 encryption standards.

If you have already been affected by the Krack attack, there’s still hope. You can fix your Wi-Fi by simply applying these fixes.

The easiest way to fix your Wi-Fi is to follow the steps below and make sure that you never connect to any unsecure networks in the future:

  1. Open up your router settings (in most cases, this will be found under “admin” or “advanced”)
  2. Update your router's firmware
  3. Enable WPA/WPA2 Personal authentication
  4. Enable a strong password and not just any password (use 10 characters minimum)
  5. Limit network access with port forwarding rules
  6. Install a VPN for added security

FAQ

References

Subscribe for the latest news

Updated:
February 26, 2024
Learning Objectives
securing apps on aws with wallarm
webinar
January 9, 2025
A CISO's View on Building an API Security Program in 2025

In this webinar, we bring together CISOs to discuss what changes and threats should be considered in 2025.

Register now
Subscribe for
the latest news
subscribe
Author |
Verified Expert
20+ years IT expertise in system engineering, security analysis, solutions architecture. Proficient in OS (Windows, Linux, Unix), programming (C++, Python, HTML/CSS/JS, Bash), DB (MySQL, Oracle, MongoDB, PostgreSQL). Skilled in scripting (PowerShell, Python), DevOps (microservices, containers, CI/CD), web development (Node.js, React, Angular). Successful track record in managing IT systems.
Reviewer |
Verified Expert
Stepan is a cybersecurity expert proficient in Python, Java, and C++. With a deep understanding of security frameworks, technologies, and product management, they ensure robust information security programs. Their expertise extends to CI/CD, API, and application security, leveraging Machine Learning and Data Science for innovative solutions. Strategic acumen in sales and business development, coupled with compliance knowledge, shapes Wallarm's success in the dynamic cybersecurity landscape.
Related Topics
<