WPA2 WiFi vulnerability identified

Almost all Wifi networks are at risk of being hacked.

News of a security vulnerability in the WPA2 encryption protocol (used by most WiFi networks) has emerged this morning.

The vulnerability known as KRACK, or Key Reinstallation Attacks, emerged this week after experts from the Katholieke Universiteit in Belgium posted their findings Monday morning.

“Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted,” Vanhoef said. “This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos and so on.

The vulnerability affects a number of operating systems and devices, Vanhoef says, including Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys and others.

“If your device supports wifi, it is most likely affected,” Vanhoef writes. “In general, any data or information that the victim transmits can be decrypted … Additionally, depending on the device being used and the network setup, it is also possible to decrypt data sent towards the victim (e.g. the content of a website).”

Crucially, the attack is unlikely to affect the security of information sent over the network, which is protected in addition to the standard WPA2 encryption. This means that connections to websites using HTTPS protocol are still safe, as are other encrypted connections such as email communications which uses the STARTTLS. So the usual advice still applies – If you are entering any details such as credit card information on a website, make sure the URL begins with “https://” and ensure that the padlock symbol is visible next to the website address to show that the site is secure.

Some manufacturers have already addressed the issue, while others are currently beta testing patches.  If Integrity IT have installed your WiFi network, you don’t need to take any action.  We will be rolling out updates to any affected systems as soon as they become available


Leave a Reply

Your email address will not be published. Required fields are marked *