Today, security researchers published a paper describing a serious vulnerability in WPA2, the protocol that secures most modern Wi-Fi networks, including the one in your home. Here's how to protect yourself from attackers.
What is KRACK, and should I be worried?
KRACK is short for Key Reinstallation Attack. When you connect a new device to a Wi-Fi network and type in the password, a four-way handshake takes place that verifies the correct password is being used. By manipulating part of this handshake, however, an attacker can see and decrypt much of what happens on a Wi-Fi network, even without knowing its password. (If you are technically inclined, you can read the full paper for more details.)
Once someone has access to your network this way, they can see most of the data you transmit, or even inject their own ransomware and other malware into the sites you visit (at least those that use HTTP; sites using HTTPS should be safer from injection).
As we write, almost all devices are vulnerable to KRACK, at least in one form or another. Linux and Android devices are the most vulnerable because of the specific Wi-Fi client they use; it is trivial to see large amounts of data transmitted by these devices. Note that KRACK does not reveal your Wi-Fi password to the attacker, so changing it will not protect you. However, WPA2 is not irreparably broken: the problem can be fixed with software updates, which we will discuss in a moment.
Should you be worried? Yes, at least a little. If you live in a single-family home, the chances that you are targeted are lower than if you were in a busy apartment building, for example, but as long as you are vulnerable you should be vigilant. It's probably a good idea to stop using public Wi-Fi, even password-protected Wi-Fi, until patches are released.
Fortunately, there are a few things you can do to protect yourself.
How to protect yourself from KRACK attacks
This is a major security issue that will likely be around for some time. Here are the things you should do right now.
Keep all your devices up to date (seriously)
You know how your PC and your phone are always nagging you about software updates, and you just click "Install later"? Stop doing that! Seriously, these updates fix vulnerabilities like this one, which protects you from all sorts of nasty stuff.
Not many devices have been patched for KRACK yet, but they will be soon. And fortunately, as long as one device in a pair is patched (be it the router or the computer, phone or tablet that connects to it), the data transmitted between them should be safe.
This means that if you update your router's firmware, your home network should be protected. But you will still want to update your laptop, phone, tablet and any other device you bring to other Wi-Fi networks, in case those networks aren't patched. Fortunately, your computer, phone and tablet will notify you of updates, but you should periodically check your router manufacturer's website for router firmware updates (especially if you have an older router). If yours never gets an update, it may be a good time to replace that router; make sure the new one has been patched for KRACK before you buy it.
Meanwhile, if your router is not patched, it is extremely important that all the devices on your home network are. Unfortunately, some may never be. Android devices, for example, do not always receive updates in a timely manner, and some will never receive one for KRACK. Smarthome devices can also be problematic, because they can be infected with malware and made part of a botnet. Keep an eye on firmware updates for every other device connected to your Wi-Fi, and e-mail the manufacturers of those devices to ask whether they have issued or are planning to issue a patch. Hopefully, since this vulnerability is already making big waves, device manufacturers will be encouraged to release patches.
Here is a list of devices that have been patched or will soon receive patches.
Use HTTPS on sites that support it (you probably already do)
Until your devices receive patches, be careful with your personal data. If you do something sensitive, such as email, banking, or anything on a site requiring a password, make sure you do it over HTTPS. HTTPS is not perfect, and some sites have not implemented it correctly (like Match.com, as the researchers showed), but it should still protect you in many situations.
Fortunately, more and more sites use HTTPS by default these days, so you should not have to do much. Make sure you see that small lock icon when you log on to a site that requires a password or credit card. And make sure the lock icon stays there while you are using the site, because an attacker could try to strip away the HTTPS protection at any time.
Change the default settings on your router and other devices
Even if your router is patched, that does not mean it is safe from other attacks. Someone could compromise one of your devices using a KRACK attack, and then install malware that attacks your network in another way, such as logging in to your router with the password it shipped with. Make sure you are not using the default password on any device in your home, make sure your router uses WPA2 with AES encryption, and disable insecure router features such as WPS and UPnP. These are all basic things everyone should do, but now is a good time to check.
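As an added example (not part of the original article), here is a small Python script that checks what `iw dev wlan0 scan` reports about nearby networks, including your own, against the advice above: a WPA2 (RSN) element present, AES/CCMP only with no TKIP, and no WPS advertised. The scan text below is a constructed sample; on a Linux machine you would feed it the real output of `iw dev <iface> scan`, which is assumed to use the usual `iw` layout.

```python
import re

# Constructed sample of `iw dev wlan0 scan` output (not a real capture).
SAMPLE_SCAN = """\
BSS 02:00:00:00:01:00(on wlan0)
\tSSID: HomeNet
\tRSN:\t * Version: 1
\t\t * Group cipher: CCMP
\t\t * Pairwise ciphers: CCMP
\t\t * Authentication suites: PSK
BSS 02:00:00:00:02:00(on wlan0)
\tSSID: OldRouter
\tWPA:\t * Version: 1
\t\t * Group cipher: TKIP
\t\t * Pairwise ciphers: TKIP CCMP
\t\t * Authentication suites: PSK
\tWPS:\t * Version: 1.0
\t\t * Wi-Fi Protection Setup State: 2 (Configured)
"""

def parse_scan(text):
    """Return one dict per BSS: ssid, which security elements it carries, ciphers, WPS."""
    networks, cur = [], None
    for line in text.splitlines():
        m = re.match(r"BSS ([0-9a-f:]{17})", line)
        if m:  # a new access point starts; the indented lines that follow belong to it
            cur = {"bssid": m.group(1), "ssid": "", "rsn": False, "wpa": False,
                   "wps": False, "ciphers": set()}
            networks.append(cur)
        elif cur is not None:
            s = line.strip()
            if s.startswith("SSID:"):
                cur["ssid"] = s[5:].strip()
            elif s.startswith(("RSN:", "WPA:", "WPS:")):  # RSN is the WPA2 element
                cur[s[:3].lower()] = True
            elif s.startswith(("* Group cipher:", "* Pairwise ciphers:")):
                cur["ciphers"].update(s.split(":", 1)[1].split())
    return networks

def audit(net):
    """List what differs from the article's advice; an empty list means the network passes."""
    findings = []
    if not net["rsn"]:
        findings.append("no WPA2 (RSN) element: only WPA1 or an open network")
    if "TKIP" in net["ciphers"]:
        findings.append("TKIP cipher allowed: switch the router to AES (CCMP) only")
    if net["wps"]:
        findings.append("WPS advertised: disable it in the router settings")
    return findings
```

Running `audit` over each network from `parse_scan` flags `OldRouter` on all three points and passes `HomeNet`.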
Run antivirus and anti-malware software on your PC
This should go without saying, since you should be doing it already, but make sure you have decent antivirus and anti-malware software running on your PC. KRACK attacks can be used to inject malware into sites you visit, and "just using common sense" will not protect you. We recommend Windows Defender, which is built into Windows 8 and 10, for your antivirus, and Malwarebytes Anti-Malware to protect you from browser exploits and other types of attacks. Even if all your devices are fully patched against KRACK, you should use these programs.
In short, this vulnerability is serious, and the only way to protect yourself is to make sure your router and all your Wi-Fi connected devices are up to date. But while you wait for those updates, basic computer security can go a long way: use HTTPS wherever you can, do not use the default passwords on your devices, run antivirus and anti-malware software, and install updates as soon as you get that notification. You do not want to be attacked just to save the five minutes of updates that could keep your data safe.