KrackAttacks: What you need to know

Security & Privacy, Threats & Hacks

Wi-Fi was not built to withstand the security challenges of the 21st century , and many cyber security experts advise caution when using it. And those warnings became more relevant than ever today after the disclosure of a series of Wi-Fi vulnerabilities. Attackers can exploit these vulnerabilities to perform a wide variety of attacks, including intercepting and modifying your internet traffic while it’s exchanged between devices and routers.

But the worst part of it is that it’s an issue with Wi-Fi protocols, which means it affects practically every single person in the world that uses Wi-Fi networks.

You can read about the technical nuances here. But basically, the issues are with the Wi-Fi Protected Access II (WPA2) security protocol. This protocol provides some basic security measures for Wi-Fi. Originally introduced in 2004, it’s now a widely-implemented standard used in practically all Wi-Fi networks and devices.

So for almost 15 years, it’s been used as a defacto standard for Wi-Fi. Which means almost every Wi-Fi network (and devices that use them) are vulnerable to the attacks, dubbed KrackAttacks by the researchers.

“How vulnerable individuals are depends a bit on things like what device they’re using, but this is something that could potentially hurt anyone that uses Wi-Fi without taking the proper precautions,” says Jarno Niemelä, Lead Researcher at F-Secure Labs. “But security problems with Wi-Fi protocols are a well-known issue. This is just another needle in the haystack of network security deficiencies people need to know about.”

And there’s the silver lining.

We’ve actually been living with the risks created by insecure Wi-Fi connections for many years, and users can protect themselves by taking some basic security precautions. Here’s the best ways to stay safe from KrackAttacks and other threats targeting people through their Wi-Fi connections:

Use a VPN

A VPN (virtual private network), such as F-Secure Freedome encrypts your data while it’s in transit. This is a great way to secure your information when using Wi-Fi, and should be considered essential when using a publicly accessible Wi-Fi network.

Update your devices

Attacking routers is a means to an end for attackers. What they’re really after are your devices. They want to steal your credit card info, passwords, and other data. And that’s what the KrackAttacks are actually doing. Updating your devices’ software and operating systems is sound security advice, so use this as a reminder to make sure your desktops, laptops, phone, and tablets are all updated.

Update your routers

Routers have a long history of security problems. They’re often poorly supported by device vendors (and in some cases not at all). You should check your router’s settings to see if there’s a firmware update available, or possibly the website of your router’s manufacturer or vendor. If you’re not getting security updates for your router, consider getting one built to be secure.

[Image by Sunil Soundarapandian |Flickr]

1 Comments

quick questions:

Does the Freedome software prevent apps on an Android phone from starting communications until the VPN tunnel is established?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

You might also like