On Monday we have received some bad news regarding Wi-Fi network security. Wi-Fi networks are at risk of being hacked based on a recently discovered vulnerability (Key Reinstallation Attacks).
This flaw is present in the WPA2 Protocol, a protocol used by most routers. According to Ars Technica, a researcher from the Leuven University found a weakness in the WPA2 protocol that allows attackers to intercept passwords, e-mails, and other encrypted data. The website that discloses the vulnerability, says that Android and Linux are particularly vulnerable to exploits, macOS and Windows to a less extent.
The vulnerability “can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on.” It also emphasizes that the vulnerability affects all modern protected Wi-Fi networks, possibly affecting most of the networks we currently use.
Is my device vulnerable?
It’s very likely that you are currently open to the vulnerability. The problem here is that a vast majority of home and business networks are vulnerable to this exploit. According to Techradar, some manufacturers have already patched their hardware. How fast and which router manufacturers will respond to the exploit is still up in the air.
How to protect your network?
It’s still uncertain how will people exploit this vulnerability, or if it is being actively exploited. You can contact your vendor, or check its website to see if there are any new router updates, addressing the issue.
Update Wireless Devices
The first thing you should do is update all your routers and Wi-Fi devices, this includes laptops, phones, tablets, etc. Essentially you should update both clients and routers prevent KRACK. If you have been postponing device updates, now might be a good time to actually do them.
Ethernet is your friend
As we mentioned before, not all manufacturers as responding quickly. If your router doesn’t have an update yet, we recommend sticking to the good old Ethernet cable and turn off its wireless access (if possible) until it’s patched.
Use encrypted connections
Prioritizing encrypted internet traffic will reduce the risk of any Wi-Fi exploit. Using services such as vBoxxCloud that offer an encrypted connection will help keep your documents safe. You can also install the HTTPS Everywhere extension. When a website does not offer encrypted access (HTTPS), the extension will automatically tell your browser to use the HTTPS version to encrypt the traffic. The extension will not work if the website is still relies on HTTP.
VPN could be an alternative
Using a VPN server could be an option, however make sure you trust the VPN provider. With a VPN you are rerouting all the internet traffic to a VPN server in data center somewhere in the world. While an attacker won’t be able to see what you are doing on your Wi-Fi network, the VPN company can.
For those of you afraid of losing passwords and sensitive data, make sure you use two-step authentication procedures. Having a mandatory second verification step (mail, mobile device or call), could give you some time to handle data breaches.
Router and device updates, should be able to prevent any serious exploits. Contact your internet providers, and router manufacturers to learn whether they have addressed the issue.
Check how to protect yourself from Wi-Fi vulnerabilities for more information.