A design flaw has recently been found in a widely used wireless network security protocol which makes it possible for cyber criminals/hackers to access password-protected Wi-fi networks and potentially access the data. KRACK (or Key Reinstallation Attack) targets the Wi-fi Protected Access protocol (WPA2, also known as WPA2-PSK (Pre-shared Key)).
Wi-fi protocols all form part of a set of Wi-fi standards and specifications known as IEEE 802.11. The flaw in WPA2 means the hackers don’t need to know the password to access the Wi-fi network.
Changing your Wi-Fi network security password would usually be the first step, but it won't do a lot of good in this case: KRACK doesn’t expose the password to the hacker, and the hacker doesn’t need it. The good news is that the risk can be avoided by applying an update or patch to your device(s) and making sure they are up to date. This includes all PCs, laptops, smartphones, tablets and anything else that connects to a Wi-fi network.
Home users’ Wi-fi networks aren’t as likely to be targeted as those of large businesses and corporations, but it’s worth noting that public Wi-fi areas are also risk areas when you connect with mobile devices.
WPA2 is usually considered a trustworthy protocol when securing your Wi-fi network using a passphrase or password to stop other people from just connecting if in range.
To understand a bit more about Wi-fi security, below is a brief summary of the most widely used modern protocols.
- WEP (Wired Equivalent Privacy) was the first encryption method for protecting data on a Wi-fi network. It is now considered the weakest of the bunch and has been more or less phased out.
- WPA (Wi-fi Protected Access) was developed in 2005, replacing WEP as a more secure protocol with the use of passphrases. This method uses TKIP (Temporal Key Integrity Protocol), which mixes the encryption up to make it hard to crack.
- WPA2 is an enhancement of WPA and offers a stronger encryption method than its predecessors, called AES (Advanced Encryption Method), as well as the facility to create a unique passphrase or password.
Protection against KRACK
So, in summary, KRACK is widespread since it can affect any type of wireless connection using WPA2. That is not to say WPA2 can no longer be used: it is still the best current security protocol to use once updated against KRACK.
We all need to be mindful when using public or private wireless networks. There's no need to panic; it's a case of using common sense and following some basic security guidelines.
Here are a few good methods for protection against KRACK.
- Update all your devices. If you are not sure how to do this, Google it or seek professional advice
(PC, laptop, smartphones, tablets, smartwatches, smart home devices and your Wi-fi router)
- Use HTTPS instead of HTTP when browsing to websites with a web browser
(see full explanations of these terms in the TECHNICAL GLOSSARY page of this blog)
When it comes to dealing with anything secure online such as internet banking, email accounts or anything to do with card payment details then it's advisable to use HTTPS in the browser in favour of HTTP
- Wi-fi Router default settings
Wi-fi routers generally come out of the box with basic ‘admin’ usernames and passwords. It’s always a good idea to change the credentials to your own secure login details as soon as the router is up and running. Also make sure the latest WPA2 with AES encryption is enabled.
- Run anti-virus software and anti-malware on your PC/laptop
It’s good practice to do this anyway. There are some good free products out there as well as the paid for versions which can get a bit pricy.
I’ve paid for Norton Antivirus in the past but it is a bit expensive. Here’s a link to some of the best free anti-virus products currently available.