The WPA2 security protocol (stands for Wi-Fi Protected Access 2 and is the common method of securing networks through the use of a ‘key’) has been providing effective and reassuring protected access for wireless networks since 2004. Suddenly, however, all bets are now off – due to a new threat known as KRACK, which exploits a vulnerability in the ‘handshake’ that controls data transmission between two systems or devices, subverting its encryption.
WPA2 is employed by millions of corporate and private users to keep their smartphones, routers, laptops and IoT Wi-Fi networks safe. Hackers can now potentially use KRACK to indulge in connection hijacking, decryption, malware injection, packet replay and a host of other undesirable activities – leaving credit card numbers, passwords, chats, emails and documents vulnerable to hijacking.
Security researchers maintain that open source and code transparency could have prevented this issue from happening in the first place. Fortunately, there are a number of ways of staying safe. These include connecting exclusively to secured services, using a wired network and a tried and tested VPN service. If in any doubt, it’s best to avoid using Wi-Fi altogether, and update all affected products as soon as security fixes become available.
However, with all this scary talk about absolute security meltdown, it’s good to know that KRACK has so far been a proof of concept hack only. Practically, it is an unlikely hack to pull off, as the perpetrator would need be within a victim’s network range.
Read more at https://www.windowscentral.com/krack