All Wi-Fi at Risk from Krack Attack

Share

"The attack works against all modern protected Wi-Fi networks", the researcher noted. However, the vulnerability is too severe to be ignored and one could use LAN instead of Wi-Fi until vendors issue a firmware update just to be safe.

From there, the hacker can spy on incoming and outgoing internet traffic and infect websites with malware or ransomware.

The researcher named Mathy Vanhoef discovered serious vulnerabilities in WPA2, a protocol that secures all modern protected Wi-Fi networks. "If your device supports Wi-Fi, it is most likely affected".

Linux-based systems seem to be particularly vulnerable to this type of attack because they require comparatively little effort to exploit - a potentially disastrous problem, since most Internet of Things (IoT) devices are basically Linux systems on a chip.

Although this isn't a surefire way to protect yourself from an attack, it's a good idea to stay away from public Wi-Fi networks until the issue has been completely mitigated.

More news: Sharif's son-in-law arrested, gets bail with wife
More news: Netanyahu Demands Palestinians Recognize Israel, Disarm Hamas
More news: The Sonic the Hedgehog Movie is Racing to Paramount

When using websites to transfer information such as credit cards or passwords make sure the URL begins with "https".

The Wi-Fi Alliance, an industry group which sets standards for wireless connections, said computer users should not panic.

Pretty sneaky, Microsoft. While some vendors were scrambling to release updates to fix the KRACK Attack vulnerability released today, Microsoft, quietly snuck the fix into last week's Patch Tuesday. That includes Wi-Fi enabled devices such as Apple computers, iOS devices, Windows computers, and more. There is still no specific information on Android phones, considering the fragmentation in that space and a lot will depend on how quickly phone makers want to roll out the updates. Those tools may emerge sooner rather than later, so if you're super concerned about this attack and updates are not yet available for your devices, perhaps the best approach in the short run is to connect any devices on your network to the router via an ethernet cable (assuming your device still has an ethernet port). While changing the password of your Wi-Fi network does not prevent or mitigate the attack, it's never a bad idea to change the Wi-Fi password, Vanhoef said.

An attacker in range of a target's device can exploit weaknesses in WPA2 using key reinstallation attacks (KRACKs), which allows them to view data that's meant to be encrypted.

Share