Major Wi-Fi Security Vulnerability: Hackers Can Eavesdrop on Connected Devices

Source / The Paper (ID: thepapernews)

Content published with authorization

Key Points:

  1. Google’s Android system, Apple’s iOS system, and Microsoft’s Windows operating system may all be affected.

  2. The Wi-Fi security vulnerability originates from the security standard itself, rather than individual device issues, but it affects devices connected to Wi-Fi networks. It is currently uncertain whether this vulnerability is being exploited by hackers.

  3. In response, there is no need to change Wi-Fi passwords; instead, make sure firmware updates are applied to all client devices and routers.

On October 16, U.S. time, a report released by a security research organization indicated that the WPA2 protection mechanism used to secure Wi-Fi networks has a vulnerability that allows hackers to eavesdrop on communications from any connected device. Operating systems such as Google’s Android, Apple’s iOS, and Microsoft’s Windows may be affected.

Mathy Vanhoef from KU Leuven University explained that WPA2 is the security protocol used to protect modern Wi-Fi networks, and hackers have found a way to manipulate the encryption elements behind this security protocol.

The report states that the Wi-Fi security vulnerability originates from the security standard itself, rather than individual device issues, but it affects devices connected to Wi-Fi networks.

Vanhoef stated that Google’s Android system, Apple’s iOS system, and Microsoft’s Windows operating system may all be affected.

How does it work?

The aforementioned WPA2 protocol uses a so-called “four-way handshake.” The first step of the handshake takes place when the user enters the correct password to join the Wi-Fi network, and the second takes place when a new encryption key is generated to encrypt subsequent traffic.

Hackers can manipulate this process through a method known as a “Key Reinstallation Attack” (KRACK).

Researchers wrote: “This is achieved by manipulating and replaying encrypted handshake information.” However, the research report also noted that the attacker needs to be within a certain range of the victim to carry out this attack.
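
As an added illustration (not from the original article or the researchers' code), the toy Python model below shows why a replayed key-delivering handshake message matters and what an updated client does differently. It goes beyond the article by assuming, per the published KRACK research, that installing a key resets the per-packet counter (nonce); the `Client` class, the `keystream` function and the sample key are constructed for this example.

```python
import hashlib

def keystream(key: bytes, nonce: int, n: int) -> bytes:
    """Toy keystream (SHA-256 of key||nonce, max 32 bytes); stands in for the real cipher."""
    return hashlib.sha256(key + nonce.to_bytes(8, "big")).digest()[:n]

class Client:
    """Toy Wi-Fi client. `patched` selects the behaviour after a firmware update."""

    def __init__(self, patched: bool):
        self.patched = patched
        self.key = None
        self.nonce = 0

    def on_handshake_key(self, key: bytes) -> bool:
        """Handle the handshake message that delivers the session key.
        Returns True if the key was (re)installed."""
        if self.patched and key == self.key:
            return False      # key already in use: do not reinstall it
        self.key = key
        self.nonce = 0        # assumption: installing a key resets the packet counter
        return True

    def send(self, plaintext: bytes) -> tuple:
        """Encrypt one frame; returns (nonce used, ciphertext)."""
        self.nonce += 1
        ks = keystream(self.key, self.nonce, len(plaintext))
        return self.nonce, bytes(p ^ k for p, k in zip(plaintext, ks))

def nonces_reused(patched: bool) -> bool:
    """Handshake, one frame, the same handshake message again, one more frame.
    Returns True if both frames were encrypted under the same key and nonce."""
    client = Client(patched)
    key = b"constructed-session-key"      # constructed sample value
    client.on_handshake_key(key)
    first_nonce, _ = client.send(b"first frame")
    client.on_handshake_key(key)          # duplicate of a message already processed
    second_nonce, _ = client.send(b"second frame")
    return first_nonce == second_nonce

if __name__ == "__main__":
    print("unpatched client reuses nonce:", nonces_reused(patched=False))
    print("patched client reuses nonce:  ", nonces_reused(patched=True))
```

In this model the Wi-Fi password plays no part in the fix, which matches the advice to update firmware rather than change passwords.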

Who might be affected?

Theoretically, any device connected to a Wi-Fi network could be affected. However, researchers pointed out that this security vulnerability is “catastrophic” for a specific version of Linux and “highly destructive” for devices running Android 6.0 and above. According to Google data, half of Android devices are running this version.

The Wall Street Journal reported that large enterprises may be more affected by this vulnerability than ordinary consumers.

Vanhoef stated that he is unsure whether this vulnerability is currently being exploited by hackers.

Vendors of affected products were notified around July 14 of this year. Vanhoef subsequently reported this vulnerability to the U.S. Computer Emergency Readiness Team (CERT), which issued a notification to device vendors on August 28.

How to respond?

Vanhoef stated that there is currently no need to change Wi-Fi passwords; instead, make sure firmware updates are applied to all client devices and routers.

He also stated that people should continue to use the WPA2 protocol.

The U.S. Department of Homeland Security’s Computer Emergency Response Team recommends installing vendor-provided updates on affected products (such as routers provided by Cisco Systems or Juniper Networks).

Microsoft responded to tech site The Verge, stating that it has released a security update to address the issue, and a Google spokesperson stated on Twitter that Android devices with security patch levels from November 6, 2017, or later are protected. Apple confirmed that it has a fix in testing and that the software will be released soon.
