So, by now, you’ve probably heard of the KRACK vulnerabilities and the announcement made through a website that credits Mathy Vanhoef of imec-DistriNet with the discovery. While, there is a lot of technical jargon, what is essentially happening with this vulnerability is that it gives people easy access to Wi-Fi networks through the core WPA2 protocol. Even the Wi-Fi based encryption is no match, and those with malicious intent have basically an open ledger to peruse at their leisure both a wealth of information and the ability to upload ransomware to devices on these networks.
While this is mainly going to affect Android and Linux users, iOS and Windows is also vulnerable, so really everyone is affected by this. “This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on,” researcher Mathy Vanhoef, of the Katholieke Universiteit Leuven. “The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.”
We don't shill.
Check out TNW's Hard Fork.
CEO of AnchorFree, David Gorodyansky says that it’s important to keep in mind that “KRACK does not change things that dramatically for most users: Wi-Fi has always been a massive threat vector and a major source of attacks against users and businesses. Older Wi-Fi encryption protocols have been hacked more than once in the past, and a lot of the real damage is already being done through a lack of awareness and social engineering. This includes simple things that most people don’t do with their home security before you even discuss encryption, such as not changing their password on their router from the basic “admin/admin,” or keeping network-attached storage with no password, that turns “hacking” into simple theft like leaving your door unlocked.”
Even so, what can the typical user do to protect themselves from hackers that may piggy-back off your Wi-Fi (both home and public networks) to access sensitive information and upload malicious content? Well, there are a couple of things.
Update your things
Literally, this is so simple, yet so many do not do it regularly. We’re all guilty of pushing off that latest Windows or AVG update, because the hassle of restarting our devices is apparently too great. Keeping all of your devices up to date will help address new threats that are popping up on a daily basis. While it’s not perfect, it is definitely an easy task to accomplish and well worth the time.
A VPN is another method you can use to protect your information and data. While, there are many out there that are sketchy at best, there are services out there that offer a great VPN service to protect your data and offer new, better layers of encryption.
Cellular service has become pretty impressive, and if you’re not living under the constant stress of using too much data, it’s not a bad idea to consider using cellular service when available. While there can still be issues with this method, especially Android 6.0 and newer, it is a good way to protect your devices from those with ill intentions.
Use Ethernet when available
This isn’t always an option, but should be utilized when available – especially right now while routers and software are being updated to account for the KRACK vulnerabilities. You can take it one step further by actually turning off the Wi-Fi signal on your router, but sadly, this isn’t available for everyone. You may not be completely protected ever, but this can help with some of the more known infiltration methods.
While complete protection against everything is an unrealistic goal, the steps above are very easy to accomplish and start implementing today.
When asked about protection methods, Gorodyansky added, “Now is a great time for a full security audit of your home – go to your router’s admin page and change the admin password on your router from the generic one provided. If you keep any important information (social security numbers for example) in a plain text file, delete it immediately. Start using a password manager to aggregate your information.
Most importantly, update your router’s firmware and any router in your house’s firmware the moment you can, along with any devices that can output a wireless connection (such as your mobile hotspot). Don’t write down any of your passwords. The easiest way to have your data “hacked” is for someone to take the most obvious approach — a VPN is a powerful solution that anyone can use, but never forget that criminals love an easy score.”
This post is part of our contributor series. The views expressed are the author's own and not necessarily shared by TNW.