Wi-Fi security bug could leave just about everyone vulnerable

Wi-Fi marinini Shuttersctock 2013

Protocol-level security flaws in WPA2 may affect ALL Wi-Fi devices!

"The WPA2 protocol (the security standard for all modern protected Wi-Fi networks) has real flaws that could be unsafe for all Wi-Fi users", Kuskov told Sputnik.

The researchers called the said weakness as Key Reinstallation Attacks, also known as KRACKs.

It's safe to say this newfound weakness poses a serious privacy risk - here are a few things you can do to protect yourself from a potential attack.

Sounds great, but in practice a great many products on the CERT list are now designated "unknown" as to whether they are vulnerable to this flaw.

In theory, it allows an attacker within range of a Wi-Fi network to inject computer viruses into internet networks, and read communications like passwords, credit card numbers and photos sent over the internet. Customers who apply the update, or have automatic updates enabled, will be protected. Researchers found devices using Android, Linux, Apple, Windows, OpenBSD, MediaTek and Linksys were affected. The WPA2 system is a system which secures the Wi-Fi connection between a router and a computer. The vulnerability can also be put to use to inject malware or ransomware into systems as well, which underscores a huge risk that both corporates and domestic users face in the aftermath of the discovery of the security flaw. It's particularly significant given that WPA2 is the most secure protocol generally being used to encrypt WiFi networks, rather than an older security protocol.

This attack technique bypasses established network defenses, including encryption, and works against all modern protected WiFi networks.

How can I prevent an attack?

Finnish security firm F-Secure said experts have always been cautious about Wi-Fi's ability to withstand security challenges of the 21st century. Another expert says home users need not be too anxious, as the attack is "quite. complex.to carry out in practice", but that they should update their software whenever an update becomes available.

For users, the best they can do for the moment is to wait for the router manufacturers and ISPs to come up with an effective patch in the form of firmware updates to remedy the situation.

"Wi-Fi Alliance now requires testing for this vulnerability within our global certification lab network and has provided a vulnerability detection tool for use by any Wi-Fi Alliance member".

Latest News