You might have awakened to some scary words pertaining to your WiFi this morning. And it’s true. One of the most common ways to secure your wireless internet has finally been exploited. We know this as WPA2 encryption and new research from Matthew Vanhoef and KU Leuven show a major vulnerability surrounding the protocol. Let us try to break down what this further means for your connected tech.
Well, the bad thing is that this potentially hits every WiFi capable device. The “good” thing is that the exact exploit and research suggests that the client side of the communication is the more at risk. So, the iPads, smartphones, and laptops are the hotter threat than say your router. Unless the router is set up as a client access point or repeater modes. The vulnerability was found in what’s called the 4-way handshake between routers and devices using WPA2 encryption. Ultimately, this means that the entire system is at risk, but especially on the client side.
What Do I Do?
First, you should disable WiFi on all devices that you can in your network. If you can hardwire it with ethernet then do it. You should also say goodbye to public WiFi until a fix can be found. Public WiFi is always a more susceptible network for intruders to be lurking. A VPN could also be a helpful tool for those who still need to use WiFi. This will add an extra layer of security between your connection and traffic. I’d recommend not jumping on the first available free VPN and use an establish paid service.
When Will It Be Fixed?
We aren’t sure yet, but talented people are already working on it. US-CERT, or United States Computer Emergency Response Team, has released a statement that they are aware and actively investigating the issue in hopes of helping find a solution.
US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.
While you may see the note at the end of the results being publicly disclosed as a negative, but the more eyes on proposed fixes the better. The open source community will be dedicated to making sure anything proposed is above board and brings a secure option back to us all. In the meantime, you should take the time to implement the precautions we’ve mentioned above. You should also be expecting a security patch update for your mobile devices, computers, and routers as soon as a viable solution is reached. You can find the blog post and more information on the initial report in the link below.
Our friends at Android Central have updated their list of vendors who’ve already pushed patches for their devices. And CERT has provided a landing page for all major vendors and their status concerning the vulnerability. Links for both have been added below.Krack Attacks Android Central Vendor Patches CERT Vendor Status