What is WiFi Security?
Wireless security is the prevention of unauthorized access or damage to computers using wireless networks. The most common types of wireless security are wired equivalent Privacy (WEP) and WiFi Protected Access (WPA).
Does This Effect Me?
YES! E-V-E-R-Y-O-N-E is at Risk! Consumer Reports latest article alongside numerous tech world and major news outlets all report how serious the threat is and expose the vulnerability that anyone with a computer, laptop, smartphone, tablet…etc. and router are ALL exposed, sitting ducks, with a plethora of private information out there for the criminals to grab. A fix is eminent and in the works but with the hot topic now on the airwaves, any hacker who didn’t know of the flaw before is utilizing every available resource now to crack the KRACK before it can no longer be hacked.
Every WiFi connection around the world is officially vulnerable to hackers. This is the first security flaw found in modern technologies that are supposed to SECURE WiFi networks since 2002 and has been named “KRACK Attack” short for, Key Reinstallation AttaCK, by Mathy Vanhoef, a security expert at Belgian University, KU- Leuven. The discovery of the weakness in the wireless security protocol, WPA2, that is used to protect the vast majority of WiFi connections shows how hackers are able to inject PC viruses into internet networks, read peoples passwords, credit card numbers, eavesdrop on private conversations, read emails and view photographs sent over the web. Full disclosure and view of your every click, purchase and move throughout your personal or businesses entire network. Connecting to a secure network requires a four-way “handshake” between a device and a router to ensure that nobody else can decrypt the traffic. Mathy Vanhoef found a way to install a new “key” used to encrypt the communications onto the network, allowing a hacker to gain access to the data.
How is it Fixed?
The only way to “fix” the flaw would be to manually replace or patch every router in people’s homes and businesses. While the attack is not technically easy, tools will soon pop up allowing for criminals to carry out the attack. In the meantime, the most suggested method of protection for your network until this patch is created would be:
What Should You Do? Business Owners and Personal Protection Methods
Keep in mind that it may take some time for the manufacturer of your devices to come up with a security patch. In the meantime, there are extra steps you can take to help secure your devices.
If your business is paying someone to maintain and monitor your entire network, then they should be double-checking all devices to make sure they are patched to prevent this vulnerability. If you don’t have an agreement with an IT company like CCSI, this vulnerability could almost certainly affect your business.
Both Businesses and Home network users alike are encouraged to use a VPN (Virtual Private Network): VPN’s allow you to access the internet anonymously and protect your privacy online. Instead of your network directly connecting to your target site (let’s say Facebook), it connects you to a VPN server in the cloud which acts as your primary network and talks clearly to the target server on your behalf. The end server (Facebook) doesn’t know your real IP. Anybody who wants to watch you has to do it between your VPN server and your target server, your true network/IP is never exposed or put at risk.
Additionally, only using HTTPS-enabled websites means your web traffic will also be encrypted by SSL and may be safer from this vulnerability. HTTPS browsing adds an extra layer of security by using encryption via the website you are visiting.
Wi-Fi users should immediately update their Wi-Fi-enabled devices as soon as a software update is made available. Wi-Fi enabled devices are anything that connects to the Internet — from laptops, tablets, and smartphones to other smart devices such as wearables and home appliances.