The routers once again dominate the scene despite the fact that last May they were in the news as a result of a Russian cyber-attack that affected more than 500,000 devices. But this time is different and also worrying. Mainly because nobody can do anything to solve it.
If you have a router in your home, we will give you a very bad news: your security is in danger. So you know what we are talking about, we will be very clear: any hacker can enter your network, steal your access codes to your bank and leave your account to zero in just a few seconds.
This is the tremendous vulnerability that scientists at the University of California, Riverside, have discovered in all the Wi-Fi routers that currently exist in the market worldwide. And the worst thing is that it cannot be repaired.
Experts have described in detail a “exploit”, that is, a code that takes advantage of a security hole, which uses the interaction of two universal internet protocols: transmission control protocol or TCP and Wi-Fi. “The ‘exploit’ does not point to any traditional security vulnerability. On the other hand, the weakness of security lies in a fundamental decision of Wi-Fi design made more than 20 years ago that is extremely difficult to change », the researchers say.
TCP has been around since the internet was invented and all websites use it. This control protocol divides the information into manageable fragments that can be transmitted between computers through the internet. Each fragment, known as “package”, receives a number within a unique sequence for that particular communication that guarantees that it is delivered correctly. The first number of the initial sequence is chosen randomly, but the next numbers will increase predictably so that the receiving computer can organize them properly if they arrive out of service.
Interception of communication
In order for an attacker to intercept this communication, he must pretend to be the sender and correctly guess the next number in the sequence. Because there are approximately 4,000 million possible sequence numbers, it is almost impossible to guess successfully before communication is complete.
But – the researchers point out – if the attacker can determine which number triggers a response from the recipient, he can find out the approximate range of the correct number and send a “malware” that simulates that it comes from the original sender. When your computer reassembles the packages, the cybercriminal will see what he wants.
«The weakness of security lies in a fundamental decision of wifi design made more than 20 years ago that is extremely difficult to change»
All wireless routers can only transmit data in one direction at a time because they communicate with devices in their network on a single channel, as happens with walkie-talkies. It is a unidirectional wireless connection, which means that there is always a time interval between a request and a response.
For example, when a user clicks to enlarge an image that they have searched on Google, their computer asks the remote computer to send the image data. That remote computer decomposes the image data into numbered packets and sends them through the fastest routes. The user’s computer responds to confirm each package and assembles them in the correct order to display the image on the screen. Hence the numbering.
A malicious web version
“Each time the victim visits their bank’s website, they will always see the malicious version, since it is stored in the browser and will not expire for tens of years, or until the victim clears its cache,” the researchers explained.
This security error does not work on encrypted web pages that use HTTPS. However, some banking websites, especially outside the US, use HTTP in their home pages and only direct the user to an HTTPS page when they click to log in. The authors have also shown how easy it is for the attacker to insert a false login area on the home page to capture the user’s passwords.
This “bug”, in addition to allowing hackers to steal private data, can also be used to spread false news or conduct espionage activities.