Researcher Finds Weakness in Wi-Fi Networks

By S.L. Fuller | October 18, 2017
Send Feedback

Inflight Wi-Fi

File photo

KU Leuven said its researchers have discovered weaknesses in a protocol that secures all protected Wi-Fi networks. If exploited by attackers, credit card information, passwords and more could be stolen.

According to KU Leuven, whenever someone joins a Wi-Fi network, a “four-way handshake” is executed to produce a fresh encryption key for all subsequent traffic.

“To guarantee security, a key should be installed and used only once,” KU Leuven said. “But in a key reinstallation attack, attackers trick a victim into reinstalling an already-in-use key. As a result, they can steal sensitive information or, depending on the network configuration, inject malware into a website.”

The researcher was able to detect the weakness by performing a “novel type of attack” against the WPA2 protocol, KU Leuven said.

KU Leuven said that changing Wi-Fi passwords would not be enough to prevent attacks. Instead, users should update devices as soon as security updates become available.

Receive the latest avionics news right to your inbox