Your Wi-Fi security has been KRACK-ed; no device is safe!
Researchers discovered a new security breach that could have affected every Wi-Fi network in the world and every device that is connected to one. The bug "KRACK" allows anyone to eavesdrop and also access traffic details being transmitted between computers/devices and Wi-Fi systems. Researchers said vulnerability in the existing WPA2 Wi-Fi protocol left everyone prone to hacking and stealing of data. Find out more!
The researchers said: "The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks."
Mathy Vanhoef and Frank Piessens of Belgium's KU Leuven University discovered the KRACK attack, which is "severe" as it's affecting every device using Wi-Fi, especially WPA2 (Wi-Fi Protected Access) Wi-Fi. It can encrypt all Wi-Fi traffic, including sensitive data like location, bank account and credit/debit card information, messages, photos, etc. Simply put, all ways to access Internet via secured Wi-Fi router are affected.
In a report released on krackattacks.com, researchers highlighted that KRACK (Key Reinstallation Attack) could be used by cybercriminals to read all the information present on devices or being transmitted via Wi-Fi networks, which was earlier considered to be safely encrypted. It doesn't matter what operating system or device is being used, they added. However, no major hacking incident has been reported so far.
Now that WPA2 Wi-Fi security protocol - the most secure way to access the internet via Wi-Fi - has been breached, millions of individuals and businesses across the world could be attacked. Apart from Wi-Fi devices and operating systems, researchers have stated that HyperText Transfer Protocol Secure (HTTPS) - the mode for accessing secured websites - is also vulnerable to the attack.
According to researchers, the impact of KRACK could be minimized by users by updating their devices to the latest security update. Manufacturers of Wi-Fi devices, including laptops/computers, smartphones, and smart home devices, are likely to roll out the security updates soon. Changing the Wi-Fi passwords would be of no help, said experts. However, Wi-Fi router firmware should be up-to-date.
The report said: "Note that if your device supports Wi-Fi, it is most likely affected. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available."