Update everything: Discovery of Wi-Fi flaw in connected devices
By Cameron Abbott, Rob Pulham and Olivia Coburn
A Belgian researcher has discovered a weakness in WPA-2, the security protocol used in the majority of routers and devices including computers, mobile phones and connected household appliances, to secure internet and wireless network connections.
The researcher, Mathy Vanhoef, has named the flaw KRACK, for Key Reinstallation Attack.
Any device that supports Wi-Fi is likely to be affected by KRACK, albeit devices will have different levels of vulnerability depending on their operating systems. Linux and Android are believed to be more susceptible than Windows and iOS, and devices running Android 6.0 are reportedly particularly vulnerable.
Hackers could exploit KRACK to eavesdrop on traffic through any access point in their physical proximity, or interrupt and affect information flow by injecting or manipulating data – including ransomware or other malicious content.
The flaw can be abused by hackers to steal sensitive information including credit card numbers, passwords, emails, photos and messages.
Vendors including Microsoft and Apple are reportedly issuing patches in updates to fix the flaw.
So how do you protect yourself? Check for, and quickly install, updates on your modem/router, connected devices, software and applications as they become available.