{"id":179262,"date":"2017-10-20T07:45:00","date_gmt":"2017-10-20T12:45:00","guid":{"rendered":"https:\/\/www.ntegrait.com\/all-you-need-to-know-about-wifi-krack-attacks\/"},"modified":"2017-10-20T07:45:00","modified_gmt":"2017-10-20T12:45:00","slug":"all-you-need-to-know-about-wifi-krack-attacks","status":"publish","type":"post","link":"https:\/\/ntegrait.com\/all-you-need-to-know-about-wifi-krack-attacks\/","title":{"rendered":"All You Need to Know About WiFi Krack Attacks"},"content":{"rendered":"

Krack Attacks:\u00a0 You use WPA2 to access the internet every day, and you could be vulnerable to a Krack Attack. \u00a0<\/strong><\/p>\n

\"KRACK<\/p>\n

Virtually all modern WiFi networks employ WPA2 as a security protocol. \u00a0A couple of months ago, a security researcher named\u00a0Mathy Vanhoef<\/a>\u00a0discovered an existing vulnerability in all WPA2 WiFi network connections. \u00a0He called this vulnerability a\u00a0key reinstallation attack<\/em> or KRACK. Hackers could possibly exploit this flaw to create a copy of data transmitted over the WiFi connection without having to know your device or WiFi password.<\/p>\n

How Serious Are Krack Attacks?<\/strong><\/h3>\n

As Larry David might say, this flaw could be pretty, pretty, pretty serious. \u00a0Since almost all internet connections employ WPA2 as a security protocol, it really won\u2019t matter if you get online with your laptop, Android or Apple phone, or any other device. \u00a0Since the attacker doesn\u2019t need a password, your secured device or router won\u2019t help either.<\/p>\n

If a hacker knew how to steal data with a Krack attack, his only limitation would be that he needs to physically be within the range of your online connection. \u00a0If you\u2019ve ever checked for internet connections on computer or phone, you already know that you are almost always within range of several secured or unsecured connections if you\u2019re at home in your neighborhood or at work in your office.<\/p>\n

The hackers steal data through your connection and not from your computer, tablet, or phone so all devices could be impacted. \u00a0Dozens of name-brand router, computer, and device vendors have been impacted by and notified of the problem. \u00a0The researcher said that Android and Linux were the most vulnerable. \u00a0Still, the list of impacted vendors includes Apple, Microsoft, Cisco, and much more.<\/p>\n

Are Vendors Fixing Their Systems Against Krack Attacks?<\/h3>\n

Vanhoef\u00a0discovered the possibility of Krack attacks<\/a>\u00a0in July of 2017. \u00a0He promptly contacted vendors but had originally planned to wait a month to publish his findings publicly. \u00a0When Vanhoef started working with the vendors, the scale of the problem grew larger than was first expected, so he delayed his public announcement until October.<\/p>\n

You might wonder why researchers don\u2019t release this sort of security information to protect the public right away. \u00a0Typically, when security researchers uncover vulnerabilities, they give vendors a chance to take action before they make the information public. \u00a0Otherwise, hackers might get the information to make use of before the vendors can issue patches. \u00a0There doesn\u2019t seem to be a lot of information about any true attacks using this method, so in this case, the researcher may have stayed ahead of the criminals.<\/p>\n

Status Updates for Krack Patches<\/h3>\n

At this time, Microsoft says they\u2019ve already released a patch. \u00a0Cisco has released patches for some devices but not all. \u00a0Dozens of other vendors are working furiously on the problem. \u00a0You can find a list of patches and status updates on\u00a0ZDNet<\/a>. \u00a0The article said it would get updated with future announcements, but you might also check with your own product maker\u2019s website.<\/p>\n

As always, you would be prudent to apply any manufacturer\u2019s updates as you get them. \u00a0You can also set most devices to accept automatic updates.<\/p>\n

How to Proceed Until Your Device Gets a Krack Attack Patch<\/h3>\n

These are some steps you can take to protect your own data:<\/p>\n