Researchers this week published information about a newfound, serious weakness in WPA2 — the security standard that protects all modern Wi-Fi networks. What follows is a short rundown on what exactly is at stake here, who’s most at-risk from this vulnerability, and what organizations and individuals can do about it.
Short for Wi-Fi Protected Access II, WPA2 is the security protocol used by most wireless networks today. Researchers have discovered and published a flaw in WPA2 that allows anyone to break this security model and steal data flowing between your wireless device and the targeted Wi-Fi network, such as passwords, chat messages and photos.
“The attack works against all modern protected Wi-Fi networks,” the researchers wrote of their exploit dubbed “KRACK,” short for “Key Reinstallation AttaCK.”
“Depending on the network configuration, it is also possible to inject and manipulate data,” the researchers continued. “For example, an attacker might be able to inject ransomware or other malware into websites. The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected.”
Review of this article
The weakness itselfThe recently published weakness of the WPA2 protocol only affects the communication between a device and the wireless spot. It has nothing to do with the security of the device content. The attacker has to be in the area of the WI-FI network to implement the attack.
The attack concept is explained in this explanatory website.
How to mitigate the risk's consequencesDepending on the devices you have it is not possible yet to apply patches and updates. You have to find other means to reinforce the security.
Try to use ethernet cables instead of WI-FI everywhere you can.
Use other layers of encryption for your communications through the WI-FI. It can be https only websites with https everywhere. You can also use a VPN system to encrypt the whole communication, MyCrypNet is a very useful tool for that.
Create your secure network