How to Stay Safe Now That WiFi’s Main Security Protocol Is Hackable
A couple of weeks ago, news broke that Wi-Fi’s most popular security encryption – WPA2 – is hackable. Two Belgian academic researchers found serious vulnerabilities in the protocol, which, if exploited, would allow adversaries to read the information transmitted across Wi-Fi networks. Theoretically, the security weakness could be used by hackers to eavesdrop on all data accessed and sent by an individual with a laptop, smartphone, or any device connected to Wi-Fi.
A security expert at KU Leuven university Mathy Vanhoef revealed through a dormant website that KRACK (Key Reinstallation Attack) cracks the WPA2 protocol by enabling nonce reuse in Wi-Fi’s encryption algorithms. Hackers can use KRACK to steal photos, emails, chat messages, credit card numbers, passwords and so on. The attack can break through all modern Wi-Fi networks and, depending on configuration, may allow hackers to inject ransomware and manipulate data.
KRACK was found to work in Apple, OpenBSD, MediaTek, Linksys, Linux, Android, and Windows systems. The flaw impacts the protocol, not any specific software or device, so it’s possible for the device owner to have the right implementations and still be affected adversely. Since the vast majority of Wi-Fi networks and devices use WPA2, and the fact that it’s a requirement to have WPA2 as standard since 2006, a large number of individuals and organizations are vulnerable to attacks.
How to Stay Safe?
Public Wi-Fi is a windfall, so we would have advised staying off it. But KRACK isn’t limited to public Wi-Fi – it works on all Wi-Fi. The good news is that the attacker would need to be in close range with the victim in order to conduct the attack, which limits its potential to a great extent. Still, if you’re using Wi-Fi, we recommend the following measures:
- Use HTTPS
If you’re able to use HTTPS, do so. Of course, it isn’t supported by all websites, but to know if it’s available, use an add-on that bumps you over to the website’s secure version, and rolls you back to the simple HTTP version if it’s not there. While HTTPS doesn’t offer perfect security, you’ll at least gain a peace of mind that the information sent by your device to the site you’re visiting is encrypted.
- Consider A VPN (Virtual Private Network)
When you use a VPN solution like SlickVPN, your internet traffic gets rerouted to an external server in a data center located somewhere. As a result, attackers won’t be able to see what you’re doing on the network, therefore they can’t intercept any communications via KRACK. Your data will be invisible to eavesdroppers when you’re connected to a Wi-Fi network via VPN, be it private or public.
- Switch Wi-Fi Off When It Isn’t Needed
A basic rule of security. If you have offline copies of your documents and email to work with or use Google Drive to get things done, then you don’t have to be connected to Wi-Fi. It’s a nice habit to adopt when you’re using untrusted networks, plus it’ll save you battery life. If you’re using Mac, it’s possible to instruct the computer to reactivate the Wi-Fi connection after you’ve spent a short time offline.
- Don’t Discount Ethernet
Sometimes, it’s not possible to remain disconnected from Wi-Fi. However, you may be able to use an Ethernet connection for your online needs in some instances. While your router’s vendor works on an update that protects against KRACK, you can use an Ethernet cable that’s attached to your PC and your router to form an internet connection. While this method doesn’t offer a fool-proof fix, it can certainly help you to feel more secure.
- Cellular Data Can Save the Day
Although using the internet via cellular data isn’t possible on all your devices, you can work with your smartphone and any tablet devices that accommodate a SIM card and internet data. Reliability and internet speed of cellular data has grown in recent times, and if you’re on an unlimited data plan, you can also tether your laptop instead of connecting to a Wi-Fi network.
In addition to taking these measures, keep an eye out for firmware updates. The researchers warned the Wi-Fi Alliance and other network appliance manufacturers prior to publishing their paper, so they’ll be in the process of releasing firmware updates that can counter the issue of key reinstallation. So check if fresh updates are available for your router and download > install them as soon as possible.