Affected By the KRACK WiFi Vulnerability? Here’s What To Do!
Earlier this week, researcher Mathy Vanhoef notified the public that WIFi devices around the globe are vulnerable to hacking. This is due to a WiFi vulnerability in WPA2 encryption – the world’s most widely used WiFi encryption protocol.
What can a hacker do using the KRACK vulnerability? The hacker can intercept only the unencrypted internet traffic your device (laptop, smartphone, tablet) and a router. An attacker cannot look at encrypted traffic. A hacker may also do some packet injection. This is the same data privacy issue people encounter when they use public WIFI like in airports and coffee retail stores.
For a hacker to access your WiFi network, they need to be within range. This is generally a maximum distance of about fifty feet.
How Can I Fix the KRACK Vulnerability?
Devices can be patched. Unfortunately, patched devices can still communicate with unpatched devices. Update all your WiFi devices! ALL of them! Routers, Android devices, laptops, and iOS devices. Everything!
Microsoft has a patch for Windows 8, Windows 8.1 and Windows 10. Download the Microsoft security patch here. Google will issue a security patch on November 6th. The fix for the KRACK WiFi vulnerability is currently in the betas of iOS, macOS, watchOS, and tvOS.
Apple is not issuing a standalone patch for the KRACK WiFi vulnerability but is including it in the next release. IN the meantime, Apple users can download a beta version of the next update which includes a working security patch for iOS devices. Fix the KRACK WiFi WPA2 vulnerability by downloading the beta versions of macOS, iOS, tvOS, and watchOS.
Update your router’s firmware! The first thing you should do to fix the WPA2 vulnerability is to update the firmware on your WiFi access point, aka your router. If you are using a router given to you or co-branded by your ISP – Comcast, Verizon, Time Warner Cable, etc. – then check with them and find out if they patched the equipment.
If you’re worried, you can plug an ethernet cable into your router and disable to WIFi until the equipment is patched. If your ISP does not get around to patching this vulnerability fast then change internet providers. If you don’t know how to log into your own router (many don’t) then look for a user guide online. Log in and take the update manually.
Until all devices are updated with patches there is not much else you can do other than avoiding WiFi usage altogether. There is no protocol to switch to like when WEP encryption was abandoned in favor of WPA. WPA1 is also affected by the KRACK vulnerability. The outdated WEP encryption is worse than WPA2.
The good news is that no one knows what the hack is other than the Mathy Vanhoef who discovered it. The bad news, now that it has been discovered it is a matter of time until hackers dig in and figure out the hack too!
Michelle writes about cyber security as well as how to protect data online. She has worked in internet technology for over 20 years Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers