Wednesday, October 25, 2017

Tech Briefing: New Hacking Method- KRACK


Article: Update Every Device-- This KRACK Hack Kills Your Wi-fi Privacy
Author: Thomas Fox- Brewster

This year we have seen a lot of security breaches and data compromises. Along with it, new hacking methods have surfaced, that only make us more vulnerable in the online world. Though many hacking methods are used to get into a specific system, this new hack allows hackers to get in your network.

A researcher from a Belgian university, Mathy Vehoef calls this hack "KRACK, for Key Reinstallation Attack" (Brewster). This affects a very common core encryption protocol WPA2 which allows us to keep our web use hidden from everyone. However, now hackers can "tweak" into the handshake process that happens between a computer and a router to connect to the network. Once they hack into this, they can manipulate the encrypted key which is supposed to be a one time use, and is created by algorithms during the handshake process.
Once they manipulate this key they can use it multiple times to get into your network. This means  now the hacker can see everything we do on the internet, and can steal our credit card information, messages, emails, photos etc.
Though this attack is only possible when the hacker is within the physical proximity of the device. So to protect ourselves, we need to look out for newly released patches for routers, laptops and mobile devices. Many top companies have already released patches and some are underway.
Meanwhile, Vehoef suggests users to use VPN software and HTTPS encrypted websites to protect ourselves from this.

What are your thoughts on this new hacking method? Have you installed any patches or received any information regarding the release of these patches from companies like Microsoft?




3 comments:

  1. Hi Miral,

    I always find that new hacking methods are quite interesting, mainly because of how quickly it changes. You would think that having an encryption on a password would keep your data safe. Your post made me realize that it does not. It makes me wonder how many companies are implementing patches and if I am a client to some of them. So now the question is...How do I ensure that I am not going to be a victim of a data breech due to a KRACK hack?

    I am always connected to wifi in various locations. That means my network security needs to be more up to date. I found another article that goes more in depth.

    Here is the link: https://qz.com/1103329/what-you-need-to-know-about-krack-the-newly-discovered-wifi-bug-that-lets-hackers-snoop-on-your-devices/

    It makes me feel better that I have an an iphone and the more susceptible products include androids.


    ReplyDelete
  2. The above post belongs to Caroline Ochoa. I am not sure why it did not post my name.

    ReplyDelete
  3. Only a few days left! Join the CryptantCrabs giveaway and try your luck!😎

    Dapp.com is a largest dedicated platform for sharing exciting dapps and valuable knowledge about decentralized technology. We help everyone understand, create, and enjoy this exciting new technology with enthusiasm.

    Check this out to join. ⬇️⬇️
    https://dapplin.blogspot.com/2018/11/dapps-are-hosting-giveaway-with.html?m=1

    🔘Dapp.com
    https://t.me/dapp_com

    ReplyDelete