FragAttacks is a group of security vulnerabilities that can be used to attack Wi-Fi devices. Every Wi-Fi device ever created appears vulnerable, allowing attackers to steal sensitive data or attack devices on your network. Here̵
What are FragAttacks?
FragAttacks, which was unveiled on May 12, 2021, stands for “fragmentation and aggregation attacks.” This is a collection of security issues announced together. Three of them are design flaws in Wi-Fi itself and affect most devices that use Wi-Fi.
In addition, the researchers found programming errors in many Wi-Fi products. These are even easier for attackers to exploit than the design flaws in Wi-Fi itself.
The collection of vulnerabilities called FragAttacks was discovered by Mathy Vanhoef, the same security researcher who previously discovered KRACK, an attack on the WPA2 encryption protocol used to secure Wi-Fi networks.
Which devices are vulnerable to FragAttacks?
According to the researchers, every Wi-Fi device ever created appears to be vulnerable to at least one of the FragAttacks vulnerabilities. In other words, any Wi-Fi device going back to the first Wi-Fi release in 1997 is likely to be vulnerable.
That is the bad news. The good news is that these vulnerabilities were discovered nine months before they were revealed to the public. In that time, many companies have already released security patches that protect their devices from FragAttacks. For example, Microsoft updated Windows with protection against FragAttacks in the update released on March 9, 2021.
What can an attacker do with FragAttacks?
An attacker can do one of two things with FragAttacks. First, in the right situation, FragAttacks can be used to steal data from a Wi-Fi network that should be encrypted and protected against such an attack. (Websites and applications that use HTTPS or some other type of secure encryption are protected from such an attack. However, if you are sending unencrypted data over an encrypted Wi-Fi connection, a FragAttack can be used to bypass the Wi-Fi encryption.)
This underscores the importance of securing data sent over a network with encryption, even if that data is only sent between two devices on your local network. It’s also another example of why using HTTPS everywhere is so important to the future of the Internet. Browsers are slowly shifting from HTTP to HTTPS for good reason.
Second, the researchers say the main concern is that FragAttacks could be used to attack vulnerable devices on a Wi-Fi network. Unfortunately, many smart home and IoT devices, especially those made by strange fly-by-night brands that don’t provide long-term support for their devices, don’t receive regular updates. A cheap smart plug or smart bulb from an unknown brand can be easily attacked. In theory, this “shouldn’t matter” because that device is on a trusted home network, but FragAttacks provide a way to bypass Wi-Fi network protection and attack a device directly, just as if the attacker were connected to the same Wi-Fi network as the device.
It’s further confirmation of the importance of security updates: the devices you use should come from reputable manufacturers who provide security updates and long-term support for their hardware. This even applies to cheap smart plugs with Wi-Fi. Secure your smart home.
What is the real risk?
First of all, an attacker would need to be within radio range of your network (in other words, in your physical vicinity) to perform an attack that uses FragAttacks.
In other words, if you are in an apartment or a densely built-up area, there are more people around and you are at a slightly higher risk. If you live somewhere without other people, you are unlikely to be attacked.
Corporate networks and those of other institutions that may be high-value targets are also significantly more at risk than the average home network.
As of the disclosure of these flaws in May 2021, the researchers said there was no evidence that any of these flaws are being exploited in the wild. So far, they seem like only theoretical problems, but the disclosure increases the risk that people will use them to attack real-world networks.
So FragAttacks are a problem, but keep in mind that this is not a “wormable” attack that can spread like wildfire across the internet. There must be an attacker near you who is targeting your network in order to attack your smart home devices or attempt to steal sensitive data. It is very important that these flaws have been disclosed and that device manufacturers issue software patches for existing devices and, of course, ensure future devices are protected. And there are some things you can do to protect yourself.
How do you protect yourself?
Fortunately, the standard best practices for keeping your devices and network safe will also help protect you from FragAttacks. Here are the three most important tips:
First, make sure the devices you’re using get security updates. If you’re still using a Windows 7 PC or an old version of macOS that isn’t getting updates, it’s time to upgrade. If your router is getting old and its manufacturer never plans to update it again, it’s time for a new router. If you have smart plugs or other old devices that aren’t getting firmware updates and are likely to have security issues, then you need to replace them with something new.
Second, install those security updates. Modern devices will generally automatically install updates for you. However, on some devices, such as routers, you still have to click an option or a button to agree to install that update.
Third, use secure encryption. Make sure you are on an HTTPS site when you sign up online. Try to use HTTPS whenever possible. A browser extension like HTTPS Everywhere can help, but it’s much less necessary now that most websites you visit probably automatically use HTTPS when available. Firefox can even be configured to warn you before loading websites that are not encrypted with HTTPS. Also try to use secure encryption everywhere – even if you’re only transferring files between devices on your local network, you can use an application that provides encryption to secure that transfer. This protects you from FragAttacks and other possible future flaws that could bypass your Wi-Fi encryption to spy on you.
Of course, a VPN can route all of your traffic through an encrypted connection, so it gives you extra protection against FragAttacks if you need to access an HTTP website (or some other unencrypted service) and are concerned about the network you’re currently using.
So that’s it: use devices that get updates, install security updates, and use encryption when connecting to websites and transferring data. Fortunately, FragAttacks are not yet used in the wild.
Of course, folks handling the security of corporate IT departments have a huge job ahead of them to make sure their infrastructure isn’t vulnerable to these shortcomings.
For more technical information about FragAttacks, see the official FragAttacks disclosure website.