KRACK Attack Puts Every WiFi at Risk

A newly discovered security flaw that leaves your home router along with most WIFI connections you connect to vulnerable. This means any personal data you own is up for grabs to this technique. “Called Krack, the attack takes advantage of the four-way handshake, during the third step in the process, hackers can resend a key in such a way that it resets the encryption key to zero.” (NBC Report) Encryption is a process scrambles the data you are transmitting in a way that is virtually ‘unreadable’ to those who do not have a decryption key. With an unencrypted session, hackers can grab whatever your devices are doing.

According to NBC, this attack was revealed on October 16th, 2017 by Mathy Vanhoef and Frank Piessens, two researchers of KU Leuven in Belgium. Upon realizing this protocol exploit was a weakness and not a bug, they alerted the United States Computer Emergency Readiness Team (CERT). The troubling issue with this is that it can affect nearly every single type of operating system. Below is a video showing clips of how these two were able to use the attack to hack into an Android 6.0 smartphone.

How To Protect Yourself

In short, the most efficient way to protect yourself is to make sure all your devices (including router/modem) are up to date with the current firmware and/or latest patches. It is highly recommended if you don’t see a patch for your home network equipment in at least a week, you should get a new Wi-Fi access point for your house. Another way around this issue is to use a virtual private network (VPN). It is reported that if you use VPN on your home network, hackers won’t be able to decrypt your data.

What do you think? If this vulnerability has been around for 14 years, Why is it just becoming public now?