The biggest and unprecedented vulnerability in the security of WiFi networks has just been discovered, and it is putting at huge risk the majority of WiFi networks, including your home and office WiFi. Most of WiFis, public and private, are now compromised by these new WPA2 protocol’s weaknesses, a security protocol used by the majority of WiFi networks. These key reinstallation attacks called KRACKs allow to hijack and steal user data, monitor their online activities and even interfere with them.
What is the KRACKs vulnerabilities on WPA2 protocol?
On October 16, 2017 the world learned about new and very serious WiFi vulnerabilities on the majority of WiFi networks and WiFi-connected devices through a planned and coordinated information release to the public.
A group of researchers from KU Leuven University, Huawei Technologies and Ruhr-Universität Bochum University discovered weaknesses in WPA2 protocol, which is the main security protocol used on the majority of WiFi networks, both public and private, and which normally guarantees the confidentiality of your online activities.
The research called “Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2” was published online in a pdf format yesterday, and it will be presented by its authors at the Computer and Communication Security (CCS) conference in Dallas, USA, on November 1st, 2017, as well as at the Black Hat Europe conference in London, UK, on December 4, 2017.
We learned yesterday that these weaknesses were first discovered in July this year, when all the major vendors of WiFi network solutions and WiFi enabled devices were informed about the WPA2 vulnerabilities and were given 3 months to patch them.
Unfortunately, as of today most of them were not able to implement solutions to patch vulnerabilities, which means that the majority of WiFI enabled devices are still at risk.
Who is affected by the KRACKs vulnerabilities?
Everyone!
Almost all WiFi networks and almost all WiFi-enabled devices use the WPA2 protocol which has been compromised by KRACKs.
That means that no matter if you are on a “secure” WiFi network like your home password-protected WiFi or your office, you are still at risk. And the risk expands not only to your computers, laptops, mobile phones and tablets, but to all devices that use the WiFi of your network, including even your smart TV, smart fridge and even your smart lock!
This is the first major and unprecedented vulnerability on WiFi networks, raising a lot of questions of cyber security and data protection in the world of IoT.
Examples of devices with confirmed vulnerabilities are all Android devices above versions 6.0, Linux devices above version 4.0, Toshiba printers SureMark 4610 (models 1NR, 2CR, 2NR), many devices by Cisco, Intel, DD-WRT, Netgear, TP-Link, etc. A lot of major industry players still did not issue their statements on vulnerabilities or on their patches.
How do KRACKs and WPA2 weaknesses affect you?
This is what can happen when your WiFi security is compromised and cybercriminals access your WiFi network through a WPA2 vulnerability called KRACKs:
- They can intercept your data or all the information that is being sent or received via your WiFi network.
- They can see all your online activities, all the websites that you visit and everything you do on those websites (except for websites and SSL protection which start with https://)
- By intercepting which websites you visit, cybercriminals can also re-redirect your traffic to fake websites in order to capture your passwords, credit card details, and all other sensitive information.
What can you do yourself to protect your personal data and your devices?
1. Use a VPN on all your devices or even on your WiFi router.
There is only one 100% solutions at this time when WiFi devices vendors are struggling to patch the vulnerabilities to stop this major crisis, it is to personally ensure the security of your internet connection through a reliable VPN service!
The 1st and number 1 thing to do is to install a VPN and to make sure that your VPN connection is activated on all your devices at all times. Even better, if you can connect a VPN on your WiFi router – that will ensure the security of all your IoT devices connected to your WiFi router. Not all the routers support VPN connections though, so it might be a challenge. Here’s the list of major VPN routers that are compatible with Le VPN service.
2. Do not use and do not leave any sensitive information on unprotected websites which do not use SSL-encryption.
Secure websites always start with https:// with an S, and they also have a lock properly displayed next to the link. Nevertheless, you will only protect your data that you share on those websites and not everything else which is happening on your network.
3. Do not use WiFi.
This could be the best solution, but I doubt any of us can manage without a WiFi at this stage.
Will changing a WiFi password help from KRACKs?
Unfortunately the answer is NO.
Changing your password or even updating your router with the latest security updates will not help. The only solution is to secure your internet connection within your WiFi network by encrypting it with a VPN and sending all your traffic through a secure VPN tunnel like Le VPN.
A VPN has always been used to add an additional layer of security to your internet connection. Today when most of the WiFi networks are no longer secure, VPN is the only solution that can provide the security of all your internet activities and the data you send and receive online.
Install Le VPN now on all your devices to protect them from being hacked
Le VPN is one of the first and most reliable services in the market, providing VPN security solutions in 5 languages and from 100+ locations to clients from all other the world.
Le VPN service can be used on the majority of computers, laptops, tablets and mobile devices, and allows for 2 simultaneous connections from 2 different devices at the same time. When used on a router level, Le VPN offers VPN security to an unlimited number of devices connected to the router secured by Le VPN.
Our proprietary software and apps were developed for Windows, Mac, Android and iOS devices, and are intuitive and easy to use.
Waste no time hesitating any longer and protect all your devices and your data before it’s too late!
Get Le VPN now with a 7-day moneyback guarantee and take advantage of our special offer during the Cyber Security Awareness Month of October: 2 years of Le VPN service for $69.60!
HOLIDAY SPECIAL
First 3 years for $2.22/mo
NO LOGS
100+ LOCATIONS
P2P ALLOWED
Easy To Use
30-Day Money Back
Friendly Support
Bitcoin Accepted
Ultra High Speeds