A huge flaw in Wi-Fi devices using WPA and WPA2 security encryption was exposed yesterday. Attackers can use this flaw to steal sensitive data – passwords, credit card numbers, emails – or inject malicious software into websites. If you’re using an Android device, an attack could be “extremely devastating”.
The flaw has been named KRACK which stands for Key Reinstallation AttaCK. Basically the flaw takes advantage of the wpa2 security protocol. This wpa2 protocol is the most common used by internet users.
Attackers can clone a protected Wi-Fi networks while forwarding the internet connection. This means the user can still access the internet while the attacker uses KRACK to obtain a man-in-the-middle (MitM) position between the victim and the real Wi-Fi network. The attacker does not get access to your WPA2 Wi-Fi password, but it does allow them to 'listen in' on the information that a is being sent between an access point and user.
Fortunately for the attack to take place the hacker / attacker needs to be in the physical vicinity of the Wi-fi Device.
Do I Need To Buy A New Router?
Simply put, no. However, these devices and other devices that connect to the internet via Wi-Fi are potentially open to attack until manufacturers and suppliers roll out patches for them.
Need help with your I.T security? Stellar Tech I.T can help! We offer a huge number of I.T related security services to businesses throughout South Australia and beyond!
Call us on 08 8522 3997 to arrange an appointment or use our online booking form here!