Protect your Wi-Fi from KRACK vulnerability Protect your Wi-Fi from KRACK vulnerability

As most of you probably already heard, there's a new vulnerability called KRACK, which renders the WPA2 protocol powerless to stop proximity attacks. Since pretty much every WiFi network on the planet uses WPA2 security (the other existing protocols are even less safe) this problem affects all of us and it's actually bigger than you would originally believe. In case you're curious, here's what KRACK is and, more importantly, what we can do to protect ourselves.

Without getting too technical, let me try to make it clear what this vulnerability does: KRACK exploits a problem in the way the router communicates with the devices, which allows outside parties to intercept the WPA2 password that's being exchanged. This means that other people will be able to access your network and changing the password won't do you any good. On the plus side, in the vast majority of cases, the hackers need to be in the range of your WiFi in order to exploit this flaw so not everyone can do it. Once they crack into your network, the attackers will be able to intercept the data that's being exchanged between your WiFi devices and the Internet including usernames, passwords, addresses, financial data, etc. As far as I know, both Windows and iOS operating systems are safe from this threat due to the way the WPA2 is implemented, but Linux and most importantly Android devices are very exposed.

In order to keep yourself safe from this threat, you have a few options that don't require you to buy a new rooter with a KRACK-protection certificate. Since Android devices are the main problem and it's impossible to know how long it will take until a patch for each phone will become available, probably the smartest thing to do is to rely on cellular data instead of WiFi connections. If that's not an option, you should stick to using HTTPS websites instead of HTTP ones. Even though the HTTPS encryption isn't always enough, it's an extra step that's pretty easy to do and there's also a pretty cool extension called HTTPS Everywhere, which is very helpful. Additionally, whenever you're working with very private data: bank accounts, etc. or you connect to a public network, you should use a VPN service.

You should also take into account the smart devices in your home as those are the most vulnerable and practically impossible to defend. What's even worse is that usually, these don't encrypt their data so they can leave you very exposed. You should be especially careful with cameras that connect via WiFi as their feed can be easily intercepted by anyone nearby. Additionally, for the time being, try using Ethernet (wired network connections) whenever possible as that's a lot safer. Lastly, especially during this security crisis, keeping your router's firmware as well as your devices updated is paramount as almost every manufacturer is working on patches to solve this.

As a final note, I know I've just said that VPNs are very helpful against this threat, but don't rush in to use the first/cheapest services you see. Make sure that you choose a trustworthy VPN that won't intercept and log your private data, otherwise, you might have been better of with a hacker.

Comments