FragAttacks is a group of security vulnerabilities that can be used to attack Wifi devices. As if all Wi-Fi devices created so far are vulnerable, attackers can steal confidential data or attack network devices.
Here, I’ll tell you what you can do to protect your Wifi from FragAttacks, but first, let’s have some basic information regarding FragAttacks.
Table of Contents
What are FragAttacks & What Can Attackers Do with it?
Unveiled on May 12, 2021, FragAttacks stands for “Attack of Fragment and Integration”. These are a collection of security vulnerabilities that have been announced together. Three of them are design flaws in Wi-Fi itself, and it affects most devices that use Wi-Fi.
In addition, researchers have found programming mistakes in many Wi-Fi products. These are easier for attackers to exploit than design flaws in Wi-Fi itself.
An attacker can perform one of two tasks on FragAttacks. First, it uses FragAttacks to steal data from Wi-Fi networks under the right circumstances and is encrypted and protected from such attacks. (Websites and applications that use HTTPS or other types of security encryption are protected from these attacks, but send unencrypted data over an encrypted Wi-Fi connection. If you do, you can use FragAttacks to bypass Wi-Fi encryption.)
Second, researchers are primarily concerned that FragAttacks can be used to launch attacks on vulnerable devices on Wi-Fi networks. Unfortunately, many smart homes and IoT devices, especially those created by strange flying brands that don’t provide long-term support for the device, don’t get regular updates. Unknown brand cheap smart plugs and smart light bulbs are easy to attack. In theory, it’s “not important” because the device is in a trusted home network. But FragAttacks provides a way for an attacker to bypass the protection of your Wi-Fi network and attack your device directly as if they were connected to the same Wi-Fi. -Fi Used as a network device.
Which Devices are Vulnerable to FragAttacks?
According to researchers, all Wi-Fi devices created so far are likely to be affected by at least one FragAttacks vulnerability. This means that all Wi-Fi devices that first released Wi-Fi in 1997 can be vulnerable.
That’s bad news. The good news is that this vulnerability was discovered nine months before it was released to the public. At that time, many companies had already released security patches to protect their devices from FragAttacks. For example, Microsoft has updated Windows with protection against FragAttacks in an update released on March 9, 2021.
What’s the Actual Risk FragAttacks?
First, with an attack on Wi-Fi, the attacker must be physically close to the wireless range of the network, i.e., to execute an attack using FragAttacks. That is if you are in apartments and dense urban areas, the risk of increasing the number of people nearby increases somewhat. If you live in a place where no one else is present, you are unlikely to be attacked.
Corporate networks and networks of other institutions that can be the target of high value are also clearly at higher risk than the average home network.
At the time these flaws were revealed in May 2021, the researchers said there was no evidence that one of these flaws was being exploited in the wild. So far, they seem like a simple theoretical problem, but when they become public, they increase the risk of people using them to attack real networks.
So FragAttacks is a problem, but there are no “wormable” attacks that can spread like wildfires over the Internet. An attacker can attack a smart home device or capture sensitive information by being close to the user and attacking the network. data. Of course, device manufacturers need to expose this flaw and issue software patches for existing devices to protect future devices. And there are some things you can do to protect yourself.
How can you protect your Wifi from FragAttacks?
Thankfully, standard best practices for keeping your devices and networks safe can also help protect your users from FragAttacks. Here are 3 ways which can help you to protect your Wifi from FragAttacks and attackers:
1. Use secure encryption
Make sure you are accessing an HTTPS site when logging in online. Try to use HTTPS whenever possible. Browser extensions like HTTPS Everywhere can help, but you don’t need that much because it’s likely to be used automatically if HTTPS is available on most websites you access. Firefox can be configured to warn before loading HTTPS unencrypted websites. Also, try using secure encryption anywhere. Even if you can transfer files between devices on your local network, use an application that provides encryption to secure the transfer. This protects the user from FragAttacks and other potential flaws that can be monitored by bypassing Wi-Fi encryption.
Of course, VPNs can route all traffic over encrypted connections, so you can visit an HTTP website (or any other unencrypted service) that you are currently using. They Provide additional protection for Frag Attacks if you are worried about your network you’re currently using.
2. Scan for security updates constantly
Make sure your device is scanning for security updates. If you’re still using a Windows 7 PC or an older version of macOS that isn’t acquiring updates, you’ll need to upgrade. If your router is too long and the manufacturer does not update the router, you will need to use a new router. If the firmware update does not work on smart plugs and other old devices, and there may be security flaws, then you need to replace them with new ones.
3. Install these security updates
Recent devices usually install updates automatically. However, some devices, such as routers, require you to agree to the installation of those updates by clicking an option or pressing a button.
So that’s it: To protect your Wifi from FragAttacks, use devices that are getting updates, install security updates, and use encryption when connecting to websites and transferring data. Thankfully, FragAttacks aren’t yet being used in the wild.
Of course, people who handle security for corporate IT departments will have a huge job ahead of them in ensuring their infrastructure isn’t vulnerable to these flaws.