KRACK And Wi-Fi Security

Actions
KRACK And Wi-Fi Security
Srdjan Kali

Article by

Srdjan Kali

Aug 26, 2019

Everything you need to know.

One disadvantage of Wi-Fi-connected devices may be that you may be attacked by nearby hackers. Here are the answers to your questions about it. Wi-Fi is everywhere, and you're on it all the time. Beware. The newly discovered weak point of Wi-Fi puts every device at risk, from the computer in your work to the phone in your hand and the laptop you carry to the cafe. What is particularly frustrating is that an attack, called KRACK, could run through a vulnerability in basic security protocol. Here is a list of all the key information.


What happened?

A researcher in Belgium named Mathy Vanhoef ran into a code problem behind WPA2, a protocol that allows wireless connections to work on virtually every device. This flaw means that all devices are compromised by hackers who want to capture internet traffic coming in and out of laptops, phones, smart home devices and anything else with Wi-Fi connectivity.


Why the name KRACK?

Abbreviation for "Key Reinstallation Attack". This relates to a trick Vanhoef determined could be used to open your internet traffic to hackers, forcing the device to repeat sensitive identification information before establishing an internet connection.


Is he as dangerous as he looks?

The good news is that a hacker needs to be close to take advantage of this problem. The bad thing is that it can run on just about anything near a Wi-Fi connection. Your devices are probably compromised.

 

Do attackers need to have physical or local access to your network, or can they do it remotely?

Hackers need to be near your device to use this attack. This greatly reduces the breadth of attacks that one hacker can execute at once. However, the weakness is so widespread at the moment that Vanhoef says everyone should assume that all their devices are affected and vulnerable.


What is the best way to protect me?

The most important thing you can do is to update your devices as soon as the patches become available. Next, you will want to consider updating your router's firmware if the manufacturer does not automatically update it for you. Here's a more detailed list of steps to take to ensure yourself (https://www.cnet.com/how-to/krack-affects-everyone-heres-what-to-do-now/), and here, from our colleagues at ZDNet, is a list of all patches released so far (http://www.zdnet.com/article/here-is-every-patch-for-krack-wi-fi-attack-available-right-now /).


Can't I just change my Wi-Fi password?

You can change passwords as an additional safeguard - but this is the least important step. While your instinct may be to change your passwords immediately, it will not prevent hackers who know how to use KRACK.


When will companies start issuing patches?

Windows clients are already protected if they installed software updates. Apple says it is completing patches for iOS, macOS, WatchOS, and TVOS that will be available in the next few weeks. Google says it is aware of the problem and will release any necessary patches in the coming weeks. Amazon is also considering what patches are needed. Linksys and Netgear router makers said they were aware of the problem; Netgear began to issue patches.

Samsung products are at risk, and the company has not responded to requests for comment on when updates will be available.

Here (https://www.cnet.com/news/krack-wi-fi-attack-patch-how-microsoft-apple-google-responding/) is a list of how companies respond to KRACK so you can follow it.

 

Comments (0)

You must Register or Login to post a comment

1000 Characters left

Copyright © GLBrain 2024. All rights reserved.