Say Hello To KRACK: WiFi Is No Longer Secure

Wednesday, 18 Oct, 2017

"Krack Attack" allows hackers to steal credit cards, bank info and more. They found the attack "works against all modern protected Wi-Fi networks" and against 41% of all Android devices.

A major flaw has been discovered in a security protocol called WPA2 that protects most Wi-Fi networks, Business Insider reported.

Wi-Fi networks across the world are at high risk of getting hacked right now thanks to newly discovered vulnerabilities in WPA2 (Wi-Fi Protected Access II).

All Wi-Fi enabled devices such as Apple computers, iOS devices, Android phones, Windows computers, and Linux computers are affected.

However, it is not all bad news. This also means that any attack being mounted is limited to that particular Wi-Fi network. Potential attackers can access users' Internet traffic and intercept sensitive information. Also, many websites add an extra layer of HTTPS (Hyper Text Transfer Protocol Secure) encryption to ensure that the data is scrambled as it travels on the network, and KRACK is believed to not break that encryption.

England up to 12th in Federation Internationale de Football Association world rankings; Republic, Scotland also climb
The first ball drawn determines which team plays the first leg at home, and the second one decides who'll host the return leg. Who will be the team for Northern Ireland and the Republic to avoid? That draw takes place on Tuesday.

The group says the problem can be resolved through straightforward software updates. According to The Verge, Microsoft has already released a fix for customers using Windows devices. There is still no specific information on Android phones, considering the fragmentation in that space and a lot will depend on how quickly phone makers want to roll out the updates. "But one would need to be careful about using public Wi-Fi", says Bhattacharya, also a "bug bounty" hunter. They have advised Wi-Fi users to contact their vendors for updates.

Moving forward, at the very least you should get ready to update your router's firmware, as it's possible your manufacturer will have a patch in the very near future.

"Wi-Fi Alliance now requires testing for this vulnerability within our global certification lab network and has provided a vulnerability detection tool for use by any Wi-Fi Alliance member".

Internet of Things devices are at serious risk too. This vulnerability can access devices and WiFi access points (APs) to steal data or infect a protected network, potentially threatening healthcare network security as well. "Users can expect all their Wi-Fi devices, whether patched or unpatched, to continue working well together", the statement said.