No Wi-Fi Network Is Safe From Hacking, Security Experts Warn
You might think your password is enough to protect you, but you're wrong - every WiFi network is vulnerable to attacks from hackers, according to a recent discovery.
Before you panic and disconnect yourself from the grid completely, though, you should know what this actually means, how and why it affects you, and what you can do to protect yourself.
While studying the WPA2 security protocol used to secure wireless networks, Belgian researcher Mathy Vanhoef recently discovered there's a "serious weaknesses" in the security protocols.
In a detailed paper and website sharing his findings, Vanhoef explains that hackers can infiltrate a network using key installation attacks (KRACKs).
"Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted," Vanhoef writes. "This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on."
He stresses that all modern Wi-Fi networks are affected because the flaw is "in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected."
The good news is that the weakness does not open you up to all hackers.
"The attacker would have to be physically close to the target," said the Britain's National Cyber Security Centre in a statement, "and the potential weaknesses would not compromise connections to secure websites, such as banking services or online shopping." The organization added that that it is investigating Vanhoef's report and that it will continue to update its safety advice for those concerned.
If you're browsing the internet and using a VPN or visiting sites that have additional security in place (look for https and the padlock icon in the URL bar), then you probably have nothing to worry about.
Vanhoef recommends updating all of your internet-connected devices now or as soon as an update is available.
"We have released a security update to address this issue," Microsoft told The Guardian. "Customers who apply the update, or have automatic updates enabled, will be protected."
Apple is also aware of the problem and said that the company will be sending out patches "in the coming weeks."
It's hard to listen to experts warning us not to panic in the face of such an exploitable, wide-scale problem, but what other choice do we have?
The main takeaway? Now's a good idea to invest in a VPN if you don't already have one, especially since Vanhoef believes that this flaw is only the beginning.