Researcher Finds Weakness in Wi-Fi Networks

By S.L. Fuller | October 18, 2017

Inflight Wi-Fi

File photo

KU Leuven said its researchers have discovered weaknesses in a protocol that secures all protected Wi-Fi networks. If exploited by attackers, credit card information, passwords and more could be stolen.

According to KU Leuven, whenever someone joins a Wi-Fi network, a “four-way handshake” is executed to produce a fresh encryption key for all subsequent traffic.

“To guarantee security, a key should be installed and used only once,” KU Leuven said. “But in a key reinstallation attack, attackers trick a victim into reinstalling an already-in-use key. As a result, they can steal sensitive information or, depending on the network configuration, inject malware into a website.”

The researcher was able to detect the weakness by performing a “novel type of attack” against the WPA2 protocol, KU Leuven said.

KU Leuven said that changing Wi-Fi passwords would not be enough to prevent attacks. Instead, users should update devices as soon as security updates become available.

Receive the latest avionics news right to your inbox

Curated By Logo