Thursday, 13 December 2018
Latest news
Main » Severe WiFi security flaw puts millions of devices at risk

Severe WiFi security flaw puts millions of devices at risk

18 October 2017

A report published Monday said the breach could only happen if an attacker is within range of the potential victim, but the weakness could affect anyone using a Wi-Fi network, whether at home, the office or at a public coffee shop.

Anyway, if you've not heard, a security researcher today disclosed a massive vulnerability in the WPA2 security protocol that is used to encrypt Wi-Fi traffic. Hackers can steal sensitive data that has been decrypted a method called KRACK, or Key Reinstallation Attacks. You can make yourself safer by using a VPN.

Vanhoef gave companies advanced warning about the problem before announcing it publicly, which gave them time to find a solution. And you can watch the video above for additional information.

"During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks", he continued.

Consumers should act just as quickly to patch their phones, laptops, Wi-Fi base stations, and other gear.

KRACK targets people by manipulating the handshake messages, tricking them into re-installing encryption keys that are already in use. Security teams should take inventory of devices on their networks that could be affected by this far-reaching attack patch accordingly.

It is used to confirm both the user and access point possess the correct credentials such as entering the correct passwords.

A security researcher by the name of Mathy Vanhoef has discovered serious vulnerabilities in WPA2, a protocol that secures all modern protected Wi-Fi networks.

This attack technique bypasses established network defenses, including encryption, and works against all modern protected WiFi networks.

I don't see this becoming a major threat to most users unless and until we start seeing the availability of easy-to-use attack tools to exploit this flaw.

The vulnerability has more to do with flawed implementation than the protocol itself. Another expert says home users need not be too anxious, as the attack is "quite. complex.to carry out in practice", but that they should update their software whenever an update becomes available. You also don't need to change your Wi-Fi passwords, since this security flaw doesn't allow hackers to access that information.

Now since the vulnerability is so widespread, tech giants will have to speed up the patch process and issue updates to their users as soon as possible.