What's the Krack: security expert says installing updates essential

'KRACK attack' targets your home's WiFi network

The WPA2 bug, which was dubbed as KRACK or Key Reinstallation Attacks, was discovered by security researcher Mathy Vanhoef.

If you read any tech websites besides Android Police, you may have already heard about 'KRACK.' That's the name for a serious security vulnerability that affects virtually every device supporting Wi-Fi connections - including Android.

Continue to use "WPA2" because it is still the most secure WiFi protocol now available, according to experts.

"Vulnerability "KRACK" can be used to steal credit card numbers, passwords, messages, emails, photos and other information", - said the expert of the Catholic University of Louvain on cybersecurity Mattie Vanhoff.

All the devices using WPA2 encrypted WiFi networks are vulnerable to the attacks.

Meanwhile, Apple said in a statement that "The fix for the KRACK WiFi vulnerability is now in the betas of iOS, macOS, watchOS and tvOS and will soon be rolled out to customers".

The attack exploits a flaw in how the WPA2 Wi-Fi encryption system is typically implemented.

The rapid proliferation of internet-connected devices, the infrequency of software patches, and multiple barriers to getting users to launch updates mean the vulnerability could compromise IoT security for a long time yet. Update smart phones, laptops, desktop computers, and personal access points or routers when available. At the moment that includes more than 40% of Android devices. The researcher said the flaw may also allow an attacker "to inject ransomware or other malware into websites".

The latest hacking threat is aimed at your home's WiFi network.

"As we see more frequently, the network and OS are a target for attack and out of control of the developer", writes Rusty Carter, vice president of product management at San Francisco security company Arxan, in an email to Fast Company.

While there are no reports of the flaw being exploited now, the security flaw can be exploited on a larger scale to cause a mass attack. Many of those companies have already begun issuing security patches, and experts are urging customers to keep their devices up to date.

Related:

Comments


Other news