One must be very careful in not only accessing Wi-Fi networks but also protecting Wi-Fi networks from breaches. Security researchers now say a set of vulnerabilities identified of late can render virtually every Wi-Fi network insecure.

An expert from Kaspersky asks people to update their devices, including the router, and then change the Wi-Fi password to plug the vulnerabilities.

According to researchers, WPA or Wi-Fi Protected Access is not all secure. A key re-installation attack, or KRACK for short, can expose the Wi-Fi networks.

“Any Wi-Fi network that relies on WPA or WPA2 encryption can be compromised. And with WPA being the standard for modern Wi-Fi, that means pretty much every Wi-Fi network in the world is vulnerable,” a Kaspersky statement has said.

“Devices based on Android, iOS, Linux, macOS, Windows, and some other operating systems are vulnerable,” it said.

This attack works by abusing design or implementations flaws in the WPA2 protocol of Wi-Fi standard, known as the four-way handshake to reinstall an already-in-use key. This runs a reset and allows the encryption protocol to be attacked.

“Once the attack is successful, an attacker may take advantage of accessing and tampering network traffic, which may lead to login credentials or any other sensitive data theft or malware injection,” it said, quoting a research paper.

Vitaly Kamluk, Director of Global Research and Analysis Team (GReAT) for Asia Pacific at Kaspersky Lab, comes out with a prescription to address the vulnerabilities.

“Update all Wi-Fi client devices (such as smartphones, tables, personal computers) once security updates become available. This ensures a key is used only once, preventing the attack,” he says.

“You need to update the firmware of Wi-Fi routers. Changing your Wi-Fi password does not prevent or mitigate this attack. After updating your devices and router, it’s always a good practice to change your Wi-Fi password,” he points out.

“​If your router is not configured for automatic updates, contact your vendor immediately for manual updates. For ordinary home users, your priority should be to update your devices such as laptops, tablets and smartphones,” he says.

comment COMMENT NOW