Wi-Fi Devices Vulnerable to KRACK Attacks: Your 10-Point Cheatsheet

Wi-Fi Devices Vulnerable to KRACK Attacks: Your 10-Point Cheatsheet

Wi-Fi Devices Vulnerable to KRACK Attacks: Your 10-Point Cheatsheet

According to Vanhoef, the vulnerabilities can be patched, but a simple password change would not secure the system. The possible ramification of the startling discovery stretches worldwide from Allahabad to Auckland.

As of this writing, the attack has not been seen in the wild.

The vulnerability is the first to be found in the modern encryption techniques that have been used to secure Wi-Fi networks for the last 14 years. Hackers can steal sensitive data that has been decrypted a method called KRACK, or Key Reinstallation Attacks. The United States Computer Emergency Readiness Team issued a warning about Krack Sunday, and Britain's National Cyber Security Centre says it is investigating the weakness.

There is still a question mark on Wi-Fi routers however. "It is hard to implement". In the meantime, treat every Wi-Fi connection like it's the public network at Starbucks.

Vanhoef has responded to the difficulty question in the blog.

More news: Confusion in Catalonia: independence declaration signed but not implemented

As scary as this attack sounds, there are several mitigating factors at work here. Those tools may emerge sooner rather than later, so if you're super concerned about this attack and updates are not yet available for your devices, perhaps the best approach in the short run is to connect any devices on your network to the router via an ethernet cable (assuming your device still has an ethernet port). "While you wait for an update, you can use your Wi-Fi in hidden mode". OpenBSD, Linksys, Windows, and MediaTek were all open to KRACK attacks.

However, because this attack compromises the WPA2 protocol that both your wireless devices and wireless access point use, MAC filtering is not a particularly effective deterrent against this attack. As for Google, it's promised to beam out an update in the coming weeks starting with the Pixel series on November 6. Microsoft says that it released a security fix on October 10, so anyone on the latest version of Windows 10 will be protected.

So, while our PCs are protected because we have automatic updates enabled, you can download the updates for your PCs by referring to the table provided by Microsoft, if you haven't enabled automatic updates. But I find it interesting that Microsoft already fixed this issue.

We all love to be connected on Wi-Fi, but the very same Wi-Fi that we are using has a serious vulnerability. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. He also says that the efficacy of the attack depends on how close the victim is to the network. It recommended installing vendor updates on affected products, such as routers provided by Cisco Systems or Juniper Networks. The list includes links that will be updated to each company's patches or recommended fixes.

Related news