What are FragAttacks? how to protect your WiFi device from FragAttacks

 Any device that supports WiFi connectivity is at risk of falling victim to this vulnerability, thereby allowing malicious actors to steal sensitive data or even attack other connected devices. connected in your same network.

Here's everything you need to know about FragAttacks, as well as how to protect your WiFi devices against these vulnerabilities.

What are FragAttacks?

First revealed on May 12, 2021, FragAttacks stands for 'fragmentation and aggregation attacks.' (rough translation: Fragmentation and aggregation attacks). This is basically a collection of security vulnerabilities that were discovered and published in bulk. Three of them are flaws in the design structure of WiFi itself and affect most devices that support this connection technology.

In addition, researchers have also discovered many programming errors that exist in Wi-Fi products. These vulnerabilities are even more susceptible to abuse by malicious actors than the design flaws that lie within the WiFi technology itself.

The FragAttacks set of vulnerabilities - discovered by security expert Mathy Vanhoef - who also previously discovered KRACK - attacks against the WPA2 encryption protocol that is commonly used to secure WiFi networks.

Which devices are vulnerable to FragAttacks?

According to the researchers, in theory, every WiFi enabled device ever created could be attacked by at least one of the FragAttacks vulnerabilities. In other words, every WiFi device released since the first release of this technology in 1997 is vulnerable to FragAttacks.

The good news is that this vulnerability was discovered about 9 months before it was publicly disclosed on May 12, 2021 above. During that time, many companies released security patches to protect their devices from FragAttacks. For example, Microsoft added protection against FragAttacks in an update released on March 9, 2021.

How Hackers Abuse FragAttacks?

An attacker can do one of two things with FragAttacks.

First, in the right situation, FragAttacks can be used to steal data from a WiFi network that needs to be encrypted and protected against such an attack. (Sites and apps that use HTTPS or some other secure encryption can protect against this type of attack. However, if you're sending unencrypted data over a WiFi connection, hackers can't. can abuse FragAttack to bypass WiFi encryption and steal your data).

This fact underscores the importance of keeping data sent over WiFi secure — even if it's only sent between two devices on your local network. It's also another example of why using HTTPS is important to the future of the web. The good news is that all browsers are gradually switching from HTTP to HTTPS by default.

Second, FragAttacks can be used to perform attacks against other vulnerable devices that are connected on the same WiFi network. Unfortunately, a lot of IoT devices and smart homes don't regularly receive updates. A cheap smart plug or smart bulb from an unknown brand can be easily hacked. In theory, this 'shouldn't matter' because the device is on a trusted home network — but through FragAttacks, hackers can completely bypass the protection of the WiFi network and attack directly. A device.

This fact reinforces the importance of security updates: The devices you use should come from reputable manufacturers that provide security patches and long-term product support. .

What is the actual risk?

First of all, given the nature of an attack against WiFi, the hacker would have to be within radio range of the network — i.e. in the vicinity of the target device — to perform a FragAttacks attack.

In other words, if you are in an apartment building or a crowded urban area, there will be many people within range of your WiFi network connection, and the probability of the risk is therefore higher.

As such, the WiFi network of other companies and organizations will be an easily accessible and higher-value target than a normal home network.

However, up to now, there has not been a single FragAttack attack that has been recorded in reality. They seem to be just theoretical problems - but having everything publicly disclosed as of now will also certainly increase the risk of future attacks if no proactive response measures are in place. The simplest is to release software patches for existing WiFi devices.

How do you protect yourself?

First, make sure that the devices you use are running on the latest security updates. If you're still using a PC running Windows 7 or a dead version of macOS, now's the time to upgrade. If your router is too old and the manufacturer is also 'lazy' to release software updates, it's time to change a new router.

Second, install new security updates. Modern devices will usually automatically install the update when it arrives. However, on some devices — like routers — you still have to click an option or tap to agree to install the update.

Third, use secure encryption. When logging in online, make sure you're on an HTTPS site. Try to use HTTPS whenever possible. Also, try using secure encryption everywhere: Even if you're just transferring files between devices on your local network, use an encryption app to keep it secure . This will protect you from FragAttacks and other potential bugs in the future that can bypass WiFi encryption to spy on you.

Of course, a VPN can route all your traffic through an encrypted connection, so it also gives you extra protection against FragAttacks if you have to visit a website. HTTP (or another unencrypted service).

Isabella Humphrey

Update 16 May 2021